51 matches found
Malicious code in ishowfeet17 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8a7da1cae4bcc5f4805bed7bd781b9e27de67b2264f6ba7740c8730369c9405 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in backupgenuine-updated (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 163e55285112106141566338db7483490b20567a431458b4b921a71534135ce0 Package published as [email protected] with description "Republished package" actually contains a Vite-built single-page application titled...
Malicious code in load-nuxt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5e95bb337136d6bfafcd6f21bb8cb1d98da703f7e20b851b3af82876018ffac Package name resembles the Nuxt ecosystem's helper naming 'load-nuxt' and is published at version 99.0.3, a version-number shape frequently used in...
MAL-2026-5497 Malicious code in @validate-sdk/v2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e93b483fd9338717a984d2e695d44a5497cb4b2d1a91c0eabc160fbc6d6cd7aa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3166 Malicious code in apple-infra-escape-audit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4ca3e5d6066fa58a9fe52cc968a31569064af5959443ab3b8088f088c72b851 The package apple-infra-escape-audit was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2845 Malicious code in node-red-contrib-yolo-object-detection (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f37c68b0e146f969ed875753302026894ce41d379d736a1856b9e12a8c1a4479 The package node-red-contrib-yolo-object-detection was found to contain malicious code. Source: ghsa-malware...
Malicious code in @emilgroup/insurance-sdk-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddc13f3218d4cac889a3d7c9d646430c04959f242c5c6cb593d3a31f84baa7a4 The package @emilgroup/insurance-sdk-node was found to contain malicious code. Source: ghsa-malware...
Malicious code in iron-media-query (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 548ed1fd1be98d1ed340a991d8db46117cdd8cdd2a43f625408015ed6714d778 The package iron-media-query was found to contain malicious code. Source: ghsa-malware 159ebd19facb8454d0a41a0815dc3f3c0516dfc4f7a7ac22c5ea3f106fd008...
Malicious code in format-defaults (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f00cab7061e49ab4c27f149d8944dbf016be470f0a6380b58d1432ce3c5dfd04 The package format-defaults was found to contain malicious code. Source: ghsa-malware 90aea488bdca1dafac7912501be1bdfb01e2304e4a110715802f98994f2c712...
MAL-2026-833 Malicious code in express-configer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e492b9087ab21198777e586b9d21eade1fe2948bb67f1ab484c7274056861276 The package express-configer was found to contain malicious code. Source: ghsa-malware 8484436a0b43b94054c0fa7ceb955362a6557d9bef3019e2fae2e51e42ff1f...
Malicious code in dise-pkt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b02da19d128c79fa9465ba506ff8f53abb3ef541a1da253174255be017c9fd97 The package dise-pkt was found to contain malicious code. Source: ghsa-malware 58b8c2811e173e83d76597b5cb08d80de79cbc72396b7ba7957ed6c15a6003a2 Any...
MAL-2026-425 Malicious code in plugin-vue (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03d02d8d83b614a55ba66663cbaa93bfc062bb8de63f438fcd60bea960610a5f The package plugin-vue was found to contain malicious code. Source: ghsa-malware 5dd13d282d1e3afa8890341ff538701132443043511faaac6d79e562de074cb3 Any...
Malicious code in quantum-packages (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 144aa1474c1b5043966e321c81c29f0fae41f764e0948ee5491baa14a08563b1 The package quantum-packages was found to contain malicious code. Source: ghsa-malware 615e247f6ecd82d6ec0aacb0855b7a222aef75c2834a024b3b99ee38c2e7fb...
Malicious code in redirect-u0e2q7 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b8b0dd60c89b0c84968f34108c06d0e58951c2c9a1b03a2b826c6261e7da224f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in affected-tests (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d28082ed059e68e9aeb19f28b4d928db94d6f5392467f2fd362a468fd93bb6e6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47829 Malicious code in node-notifications (npm)
The package node-notifications was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9f537b45789bd1ad6fcec083716172d0230b37e04510ace80351a35ef51cf0a9 Any computer that has this package installed or running should be considered fully...
Malicious code in mysteryxyz228 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 22682ceec435c59527a3d5aef373a154b9df5154463ebbe5620cc739d5c7e57d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in grok-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 86e3c3ed43462c81e220a40fc8643c2c519f947bb781dff9a1d13de547b4d520 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in react-smooth-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7510dd029031b29ab209e3114deb48a7ad72b83c7d10073376637b71e89abf7b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in internalwkl-1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 929f2a7e5622ef6954156300b8095508bdebc3f69573d35fdcdb9785504809ac Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...