21578 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...
Company that Secretly Records and Publishes Zoom Meetings
WebinarTV searches the internet for public Zoom invites, joins the meetings, secretly records them, and publishes alternate link the recordings. It doesn't use the Zoom record feature, so Zoom can't do anything about it...
CVE-2026-22040
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, by generating a combined traffic pattern of high-frequency publishes and rapid reconnect/kick-out using the same ClientID and massive subscribe/unsubscribe jitter, it is possible to reliably trigger heap memory...
Malicious code in @lokeswari-satyanarayanan/rn-zustand-expo-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73fe3bd99e2f11ab8bb09a9086c4dca8af56372031492ed11d90f1e32a0e8f53 The package @lokeswari-satyanarayanan/rn-zustand-expo-template was found to contain malicious code. Source: google-open-source-security...
Malicious code in @oku-ui/portal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0711033d654f75b42d8959721555bcf5aa5fb766ccc12b6e89c56eef0d8cafd The package @oku-ui/portal was found to contain malicious code. Source: google-open-source-security...
Malicious code in @oku-ui/checkbox (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85b761a46dff9ea0ec6705cfe75221ceb7a3adeac0b4a2954618b3b069db3824 The package @oku-ui/checkbox was found to contain malicious code. Source: google-open-source-security...
Malicious code in @silgi/scalar (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 718db30ae906e5148f4892029a4e6e20c813dfa5ef8eb9a76a46b1c1769445d3 The package @silgi/scalar was found to contain malicious code. Source: google-open-source-security...
Malicious code in @voiceflow/voiceflow-types (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64870c57f06fc059636a3136cce3f775121952fa37459d740810067378d88c0e The package @voiceflow/voiceflow-types was found to contain malicious code. Source: ghsa-malware...
Malicious code in @oku-ui/menu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c596c8e5c233827737327907a4b122e7fc154c1865ba347b975cd3dda7b591a9 The package @oku-ui/menu was found to contain malicious code. Source: google-open-source-security...
Malicious code in @oku-ui/switch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 740a6698034fbce630b1da1ce44728782b3f71faffd3ee2801c45b6a3f9e6f7e The package @oku-ui/switch was found to contain malicious code. Source: google-open-source-security...
Malicious code in @oku-ui/motion-nuxt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f92b87caa59206174882fe75cd77964bc3f31b824958a07a22210e50eeb21ac9 The package @oku-ui/motion-nuxt was found to contain malicious code. Source: google-open-source-security...
Malicious code in @mizzle-dev/orm (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd528c11fe54881e4913d51e5acc448562c3fc1b7edaae7aa2a40e6b12425f55 The package @mizzle-dev/orm was found to contain malicious code. Source: ghsa-malware c327219099fb121baf202032e61fc1b4881236e892dea9b4aa2b6159f953696...
Malicious code in @livecms/live-edit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c7809db8bb669af7eb4bdecf71a153df39183ffffcccedc22eb5a123491bfd9 The package @livecms/live-edit was found to contain malicious code. Source: google-open-source-security...
Malicious code in nuxt-keycloak (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbb088ab2b0e4b6991065c6bcdc57302ff545bb3fe2f2a73ec21fafeae1175f8 The package nuxt-keycloak was found to contain malicious code. Source: google-open-source-security...
Malicious code in @afetcan/storage (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4abbde27cce56326711e4e32f42572cb60977ca7ccce4ebf1fcfa558a847c1a6 The package @afetcan/storage was found to contain malicious code. Source: google-open-source-security...
Malicious code in my-saeed-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d222a4cf76e8e0efb6de33ce203327546a24a125a7b6fa1e70bf04566d4d1dd The package my-saeed-lib was found to contain malicious code. Source: ghsa-malware c835d59a9317a70385922241ebb4aa8a34025c5cef3f3c22e03df1fc6f22042f A...
Malicious code in @browserbasehq/stagehand (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0147cee6c903a9fd8dabfedd42c60df91437e6a7a750bebff3c26ce687d4443a The package @browserbasehq/stagehand was found to contain malicious code. Source: ghsa-malware...
Malicious code in @voiceflow/commitlint-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0318a598c3e523953b57c870305c3d1237a290a253f3d69dd9f24bf6ba079d6e The package @voiceflow/commitlint-config was found to contain malicious code. Source: ghsa-malware...
Malicious code in posthog-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b422f278bf27e062b349e97360b6919e773122f21656f23d6da583ce7cb1a92 The package posthog-js was found to contain malicious code. Source: google-open-source-security...
Malicious code in @voiceflow/slate-serializer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb7716bab0bde17a29c041cd61a934d39d4717019743671e8d6164fd166c0bdc The package @voiceflow/slate-serializer was found to contain malicious code. Source: ghsa-malware...