13 matches found
Malicious code in react-ui-polyfills (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63c43460df1ee670b8a5982d77e7028aef7df25fa38922f743489fd52b41b5ea Package advertises itself as React polyfills / UI compatibility helpers but ships no React or polyfill code. The exported getPlugin function returns ...
MAL-2026-782 Malicious code in ac-polyfills (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a7d9d049932519bded5d12b8627523ef63dac69179b1ce873cf4cd8b7fe6849 The package ac-polyfills was found to contain malicious code...
Malicious code in ac-polyfills (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a7d9d049932519bded5d12b8627523ef63dac69179b1ce873cf4cd8b7fe6849 The package ac-polyfills was found to contain malicious code...
MAL-2025-3653 Malicious code in vite-plugin-node-modules-polyfills (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ba225e7480a310032d62d6de3db636b57a0bb3e2594bf99605df20b09352eab9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in vite-plugin-node-modules-polyfills (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ba225e7480a310032d62d6de3db636b57a0bb3e2594bf99605df20b09352eab9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in calypso-polyfills (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-1750 Malicious code in calypso-polyfills (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious Package
Overview @logistics-frontend/polyfills is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if...
MAL-2022-4712 Malicious code in mrg-polyfills (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e69a37e133ae63cb65a8a92b0926bc8bf355e591a81890bc264ca7ab6e9e29f5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in mrg-polyfills (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e69a37e133ae63cb65a8a92b0926bc8bf355e591a81890bc264ca7ab6e9e29f5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-396 Malicious code in @logistics-frontend/polyfills (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5f64b2f1ddf3127537e8c1840e3435d7ff1cbe9db0ed322bcf357600faace765 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @logistics-frontend/polyfills (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5f64b2f1ddf3127537e8c1840e3435d7ff1cbe9db0ed322bcf357600faace765 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in dbp-polyfills (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 4f59dcb33c6b979c2571b136278d2a4dbb77c122506b74f77ed0bc422fed824a Malicious packages campaign since 2021 targeting developers, steals source code and secrets...