21578 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...
Company that Secretly Records and Publishes Zoom Meetings
WebinarTV searches the internet for public Zoom invites, joins the meetings, secretly records them, and publishes alternate link the recordings. It doesn't use the Zoom record feature, so Zoom can't do anything about it...
CVE-2026-22040
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, by generating a combined traffic pattern of high-frequency publishes and rapid reconnect/kick-out using the same ClientID and massive subscribe/unsubscribe jitter, it is possible to reliably trigger heap memory...
Malicious code in @lokeswari-satyanarayanan/rn-zustand-expo-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73fe3bd99e2f11ab8bb09a9086c4dca8af56372031492ed11d90f1e32a0e8f53 The package @lokeswari-satyanarayanan/rn-zustand-expo-template was found to contain malicious code. Source: google-open-source-security...
Malicious code in @voiceflow/eslint-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4db5527f8a6098b9553e656b50ee1e0fcae45b163917de83299e9e5200ff96f The package @voiceflow/eslint-config was found to contain malicious code. Source: ghsa-malware...
Malicious code in @voiceflow/voice-types (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79c5cf11d531645e24158300a51c4ed8ec4267e9b59051ff7f5266e5cdc593b6 The package @voiceflow/voice-types was found to contain malicious code. Source: ghsa-malware...
Malicious code in @voiceflow/commitlint-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0318a598c3e523953b57c870305c3d1237a290a253f3d69dd9f24bf6ba079d6e The package @voiceflow/commitlint-config was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191196 Malicious code in @browserbasehq/mcp-server-browserbase (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59c07fb8ebd39670ff0a8c67a71dc45872c40e94a70a4100940576791f12cd66 The package @browserbasehq/mcp-server-browserbase was found to contain malicious code. Source: google-open-source-security...
MAL-2025-191293 Malicious code in @posthog/intercom-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12c972a0fa0f1cf26c3a80f626651c44d7d2b9021694b8e4f965ff35b56b0429 The package @posthog/intercom-plugin was found to contain malicious code. Source: google-open-source-security...
MAL-2025-191197 Malicious code in @browserbasehq/sdk-functions (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0dcba06b8039c18710f9cd77f877d6f7bcf48e1c0d25d161f404e2a14b689fca The package @browserbasehq/sdk-functions was found to contain malicious code. Source: google-open-source-security...
MAL-2025-191387 Malicious code in @voiceflow/widget (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac19bf504aadbfdca19efac5f7d258c14c541a1f9747324e00da8220b0b1d785 The package @voiceflow/widget was found to contain malicious code. Source: google-open-source-security...
MAL-2025-191278 Malicious code in @oku-ui/toggle (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0d0819bf4913c5aabf31547b239ee5407c6e581d71ef7d041451c7f162314c1 The package @oku-ui/toggle was found to contain malicious code. Source: google-open-source-security...
MAL-2025-191286 Malicious code in @pergel/module-graphql (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ce0c82f79656be99edeef5afbd890a8a5720c0a0e6acbdd2ce273ed8c151c2c The package @pergel/module-graphql was found to contain malicious code. Source: google-open-source-security...
MAL-2025-191339 Malicious code in @voiceflow/commitlint-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0318a598c3e523953b57c870305c3d1237a290a253f3d69dd9f24bf6ba079d6e The package @voiceflow/commitlint-config was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191364 Malicious code in @voiceflow/pino (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 980243b18346b941c1cb5c2390751258de1c019b02526dbbd7ad2b2e41069656 The package @voiceflow/pino was found to contain malicious code. Source: google-open-source-security...
Malicious code in @oku-ui/toast (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b944224d9a502a3f5bb5f7bfb4530de52ce4ffac6f94c8588fdda2f22563953 The package @oku-ui/toast was found to contain malicious code. Source: google-open-source-security...
Malicious code in silgi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bab0537c840944fd6fac261deaaca0e3581745c3412d28b7ae3f0f014361c70 The package silgi was found to contain malicious code. Source: ghsa-malware 93a7af2f566e0384a306202ff261bb7cdc496fb32e582afda5808432c3ca4935 Any...
Malicious code in @oku-ui/slider (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71cb82e7b11eea9aa7260ed7a7e31a29e21d10d81735768c536e42ee88d28b71 The package @oku-ui/slider was found to contain malicious code. Source: google-open-source-security...
Malicious code in @oku-ui/portal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0711033d654f75b42d8959721555bcf5aa5fb766ccc12b6e89c56eef0d8cafd The package @oku-ui/portal was found to contain malicious code. Source: google-open-source-security...
Malicious code in @voiceflow/voiceflow-types (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64870c57f06fc059636a3136cce3f775121952fa37459d740810067378d88c0e The package @voiceflow/voiceflow-types was found to contain malicious code. Source: ghsa-malware...