2 matches found
Malicious Package
Overview @pulse-web-platform-core/scripts-loader is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organizatio...
MAL-2026-4421 Malicious code in @pulse-web-platform-core/scripts-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c69fc52eb76aa05711ea0c128624eb1fc8c70655a58f2f3e646da1dcd20f254 On npm install, the package's preinstall.js performs an HTTP GET to http://$pkg.$scope.oob.moika.tech/poc.js and passes the response body directly to...