3 matches found
Malicious code in @postman/mcp-ui-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63316f530f87ac69078cc5b93dfdbc1a58d62f1f37a663f8bf40cb5489f4defc The package @postman/mcp-ui-client was found to contain malicious code. Source: google-open-source-security...
MAL-2025-190902 Malicious code in @postman/mcp-ui-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63316f530f87ac69078cc5b93dfdbc1a58d62f1f37a663f8bf40cb5489f4defc The package @postman/mcp-ui-client was found to contain malicious code. Source: google-open-source-security...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...