21579 matches found
MAL-2025-191156 Malicious code in zuper-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d4cc2065f0dd8abd271cf1dd9577497f7fb19724820c50925509236093e73567 The package zuper-sdk was found to contain malicious code. Source: ghsa-malware c84dbb98c137f6b50ce20f0cae6113a3d32f5cd6910583273c4d11d4966d105c Any...
MAL-2025-191001 Malicious code in react-native-modest-checkbox (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c98ef36559d9b7c9aeeb0abd25c7f2078178584a29234764e9a1ad89f6bb826a The package react-native-modest-checkbox was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190962 Malicious code in haufe-axera-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e49957e5f8983a7e16bd6d6377b03e200addbb6bd6dcd834f6370b5fa5f77061 The package haufe-axera-api-client was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190958 Malicious code in email-deliverability-tester (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 074d5f649d3b599b504b29b284fa8a5c5a71d305b58d63d38f2ee3c9202eb982 The package email-deliverability-tester was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190936 Malicious code in typefence (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c9ac344bf18963e146d64aec1de72c3db819eb2c4356be7257ef1980555a17f The package typefence was found to contain malicious code. Source: ghsa-malware 28d8025e6d485b7679079ba265b2ed9a28c10029903c94441308121d974cbf18 Any...
MAL-2025-190939 Malicious code in upload-to-play-store (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86f86113dded695e7f899fe12b243d559d7cb4ddf1f6d3d67aa8318c07ed646d The package upload-to-play-store was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190923 Malicious code in mcp-use (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e38bd6291f6f6d66e34397d1b1495513a53528efac94b63487a1646eb7aa45af The package mcp-use was found to contain malicious code. Source: google-open-source-security...
MAL-2025-190882 Malicious code in @posthog/hedgehog-mode (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5b044ae176df3e6019c54c314bdf3ec17c98741510cf5c024f85a07c7e520b1 The package @posthog/hedgehog-mode was found to contain malicious code. Source: google-open-source-security...
MAL-2025-190886 Malicious code in @posthog/nextjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79eae844852de94f0a7cd6826f344e60fe40945cdacfaa3d3d589c965ade4ad1 The package @posthog/nextjs was found to contain malicious code. Source: google-open-source-security...
MAL-2025-190876 Malicious code in @posthog/databricks-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e391efe36d6c40d46f8c9abbf9d68a3b7b73a56319db5a85a486fedfe90cb394 The package @posthog/databricks-plugin was found to contain malicious code. Source: google-open-source-security...
MAL-2025-190848 Malicious code in lite-serper-mcp-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4004eeb497395a7e5423b056c76905cd2679f242fc432352479ee7b657383084 The package lite-serper-mcp-server was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190839 Malicious code in create-hardhat3-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5a1dad1ef411b38a2b87787581837e9c9f5a26fff790d14057d04ca67c06ddc The package create-hardhat3-app was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190787 Malicious code in vite-plugin-httpfile (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d63741ea6b6aadbc224aabf56e98c5eb7b664d7554dbb502869a97ffffb2f46 The package vite-plugin-httpfile was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190654 Malicious code in @asyncapi/converter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 391d5e53843731fb634a2f3811928f21e466b64aa48d1383b08f7f3708f603db The package @asyncapi/converter was found to contain malicious code. Source: ghsa-malware...
Malicious code in cressida-vortex-lint-staged-blueshift (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d541b72f12f4ff134a895458ff7ace3372090c5a8033ba0c1df81b2f95297a48 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in juno-pyxis-barnard-perturbation (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03ba7667bb839b545547f830a7cd64064ebb2ed6a65582c2229a5f9a02be6dcb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in async-psi-alpha-query-theta (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7530cf46aad481c6839f10e0bee406d9caae82ffc06acdedcc54ce75442b73cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in lint-staged-superagent-eridanus-bionics (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 066dc6b85c08093514728ad74577e54a20edffbcf7d838638c2e8ccbdc1dfd28 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in permission-resolve-function-fast-try (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 459860edf67e24cf65eba1b81de8a35d10e8de00a10c131af68c3734515c11af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in await-float-optimize-route-omicron (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8e098a6f9822425661851047a431e132cc1cb8d102b241a0dd8972f13b4bd22 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...