MAL-2026-5584 Malicious code in justgetit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f6e3691bf83f31d1f1dd45e3224151455cbcf6b03acf1d50a25a96eb69ef3065 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in csc154-internall-depend (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 468d4fe797c3be3e29ea6da37c1b04112162bd349f7aea270cdbc4ba929d945d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @redhat-cloud-services/chrome (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

Malicious code in @redhat-cloud-services/frontend-components-remediations (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

MAL-2026-5081 Malicious code in tailwind-effect (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a340be9809f1baa4f0e0ce64286a7d9266ccb49cd82fae68f5ac02b50e193a5f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in wm-plugin-json-conditions (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 43ae510c22e7ea36051bfaa2a241bc7f8035d9047c3fe927438ceef2f2ca81cf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in deltaprime-primeloans (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware de6dc7446f54374a89a45ea8f749647c8adc0aaf24720bd32ccfdb07e5b48042 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @uipath/case-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c66eb0255d40992fc638ffb18c027abb448bdd26f8982781cf0f7da3be7b6910 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in hls.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96d28bd3e78b3ca60b3356380f0d7931659606c2b5def5865480d838ad21a0b3 The package hls.js was found to contain malicious code. Source: ghsa-malware 04b58b7f11fd42610f3056d4bc9aa84804d2ab9e657d7b84771cec1efe363ba9 Any...

Malicious code in node-red-contrib-yolo-object-detection (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f37c68b0e146f969ed875753302026894ce41d379d736a1856b9e12a8c1a4479 The package node-red-contrib-yolo-object-detection was found to contain malicious code. Source: ghsa-malware...

Malicious code in @zgny/onboarding-consumer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 684a60d5d9d4b9ac47a7796608812b7cb223c1567b4ff70aa057e57b6101f590 The package @zgny/onboarding-consumer was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2165 Malicious code in @rexxtheproject/keyed-db (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa8d0778ab610c5b6e2320997c2427bf9e6295b93fe16ae478096953c1de9b34 The package @rexxtheproject/keyed-db was found to contain malicious code. Source: ghsa-malware...

Malicious code in @xvortexsockets/baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6fe781d4e79519992d2b0f37577515da41d7e0deb2f9f32df7c39dfb8de3916 The package @xvortexsockets/baileys was found to contain malicious code. Source: ghsa-malware...

Malicious code in mtpmysql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d398ba3dd05ce79a06fb2a2433842d601f917e38ffaa3ad94c02adc1bdb3b67f The package mtpmysql was found to contain malicious code. Source: ghsa-malware 0c3a7ad80c6454678adb0b86352965523e6157aec98c3976686697663fd882e8 Any...

Malicious code in typescript-react-query (npm)

The package 'typescript-react-query' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

Malicious code in declaration-block-no-ignored-properties (npm)

The package 'declaration-block-no-ignored-properties' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2...

Malicious code in @rothaus/falcologgerinternalstate (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6412742e7e3c8073b47d2b5b30628d048c74cb63fe4e6b33cb727931a4a63d9a The package @rothaus/falcologgerinternalstate was found to contain malicious code. Source: ghsa-malware...

Malicious code in pear-apps-lib-feedback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 331d2742dee8271e5d493e475aab23ee3f05adc5e02888d87127d189883cc50c The package pear-apps-lib-feedback was found to contain malicious code. Source: ghsa-malware...

MAL-2026-852 Malicious code in chai-await (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 463f0440f6a90a98f9a12131b19f99b472b0ee82b6feb5b6066996ca4be4e07a The package chai-await was found to contain malicious code. Source: ghsa-malware c3cd8be2d97babb314b0adf3d3b9b6467057d39f64e41afe5d5f33cad5e3fbe6 Any...

Malicious code in sap-code-style-guides (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13203a88392c91986f587e28ca25120b54f0c4d4ee5dd2c330c2bbbe6243203a The package sap-code-style-guides was found to contain malicious code. Source: ghsa-malware...