19 matches found
MAL-2026-3598 Malicious code in @draftlab/db (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...
MAL-2026-3584 Malicious code in @uipath/uipath-python-bridge (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 465b4e4f63672a795258fa84f389a2194ac5052990b98799381806b2cc286069 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3558 Malicious code in @uipath/packager-tool-bpmn (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a5692c6b042a5bcb1332d3c1efb3db46428eaab10fea07d84883480c041d835 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-191187 Malicious code in @antstackio/eslint-config-antstack (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df3b34f284b315d21cd0f6b7ea57e1fc8b908ade13ffde115d3fb1f6727c7d4a The package @antstackio/eslint-config-antstack was found to contain malicious code. Source: google-open-source-security...
MAL-2025-191388 Malicious code in @vucod/email (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e91b5731b235151065b43287967fa368625822413bb181076f044b34a155d0c5 The package @vucod/email was found to contain malicious code. Source: google-open-source-security...
Malicious code in hyper-fullfacing (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9c05ea2ff38a274ac4ddcadb9206e1f6d6736e32ce536e149160e99fdd37ba7 The package hyper-fullfacing was found to contain malicious code. Source: ghsa-malware 0068679876dedee5d5fc8affa29f353019af199cd3a22493bc1e122f440b32...
Malicious code in @browserbasehq/director-ai (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b86bd8a3bb8b027a0b305fca0e5616b1f8cfee1229e47609ef43a14edb2ad0c6 The package @browserbasehq/director-ai was found to contain malicious code. Source: ghsa-malware...
Malicious code in @clausehq/flows-step-mqtt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55586de02f72931159b200d06ceacff4a40d50ee20e753335fffab62df93608c The package @clausehq/flows-step-mqtt was found to contain malicious code. Source: ghsa-malware...
Malicious code in @silgi/better-auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 528101596869077cdc065844f592e42299e9806c92d2b4f6f145ccd18194fdd5 The package @silgi/better-auth was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191311 Malicious code in @silgi/better-auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 528101596869077cdc065844f592e42299e9806c92d2b4f6f145ccd18194fdd5 The package @silgi/better-auth was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191416 Malicious code in rediff (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c86aaca91ce5f75365f233d2d0448fcfe25ce792ebc203487993fdbed70e5c68 The package rediff was found to contain malicious code. Source: ghsa-malware 6f58213ac5761ffaaca614a73e2f1b9927e9f4b25f9dc8b3f64258411281ce41 Any...
MAL-2025-191070 Malicious code in barebones-css (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a6b6723c24807a6fb2e90c2f5e0f7238e1a2c25e2602ab7f4ba4bb3d0f13efe The package barebones-css was found to contain malicious code. Source: ghsa-malware 32d179a02b1e407d2a71cf2912a7c87d6419900b71e13260889103a40736d0f6...
MAL-2025-190981 Malicious code in next-styled-nprogress (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73288a3937c0b6e5fe20c011142795ae2f436252a77e2ab6b24dabcdb9ab7dd5 The package next-styled-nprogress was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190974 Malicious code in jacob-zuma (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5046cda17d3d1de49e402cc9dbb860de629a5843d6ad27d2db95f626a280408 The package jacob-zuma was found to contain malicious code. Source: ghsa-malware 0aae0c8157adb8caf2d0af0aab7f402560e4489ff1f7f8b615bb7f79a23b3c1e Any...
MAL-2025-190763 Malicious code in @zapier/eslint-plugin-zapier (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4f3af0dfab295d120b932902816e065f092b48671909a971a2994cb3cb5afd6 The package @zapier/eslint-plugin-zapier was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190767 Malicious code in create-glee-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e5c0932871cd18a6f6a6b4dc800d53bb26dee4aa4d1ca50380eb529d8de49e31 The package create-glee-app was found to contain malicious code. Source: ghsa-malware e24413ea376e0b85679ffebea5b81417a76a0134b6cde174e7a183437326193...
MAL-2025-190644 Malicious code in @posthog/ai (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a9a022b20b3025cb0846139ab6f2a1308025ed8ee902db18aacbfa95c6ea7e6 The package @posthog/ai was found to contain malicious code. Source: ghsa-malware 1e6a08419969270cca059f804bb3ec25aa0427f00ef555a9409c12d50921a83c An...
MAL-2025-47372 Malicious code in @art-ws/config-eslint (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7b89332826cb57152a8288941846a48e6ecb1d8d979bf641a288f740c34a0b99 Any computer that has this package installed or running should be considered fully compromised. All...
MAL-2025-47272 Malicious code in @teselagen/bounce-loader (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f2f86497a8f8ebd289f9296f0d154c87fd2429bdf4fc8de97c6b1684ed3b9aaa Any computer that has this package installed or running should be considered fully compromised. All...