1017 matches found
Malicious code in xnder-sdk-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0aeeac149a5afa4797eea935b2a54b66fcf2cfd939fce855655208245ba9e5a7 The package's index.js is heavily obfuscated string-array shift/rotate pattern with hex-encoded indices and a while!! decoder loop. Obfuscation of th...
Malicious code in pino-pretty-logs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7864fcfe92b62b2ddc003e696cbe02d18e0979f4336bff4cc9352f318b260fa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6865 Malicious code in polymarket-onchain-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 73556a574d8ee416a5440f889b73cafff3b464650d6b2b2caf4001ce15086f6c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @gallup/pc-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eca755b4cbe794ce9b1389cff974fb13df6325eeb2eb658ca64a7bb7ee734b8b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6407 Malicious code in @su-doughnym/hubspot-loginui-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72fa1e159f93bb8a1336dc48fe329f3a7801ebf56a49620ce67fd013ea8995ae Package is openly labeled a dependency-confusion proof-of-concept and uses a high version number 99.99.99 consistent with that intent. The preinstall...
MAL-2026-6204 Malicious code in ts-ecro-helper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86149b041033a917b3b743b9381a14368e79015385b27b89429cf7f6a35d0d30 No suspicious behaviors were identified in this package version. There are no lifecycle hook hazards, no outbound network calls to attacker-controlle...
MAL-2026-6111 Malicious code in @rafaelsene01/agent-flow (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3855afe87d31e428546f226e1da9236cd0e4dc45a477afb9f6ba1c707a4b05ec The package's main and bin entry, dist/agent-flow.js, is shipped as a heavily obfuscated bundle produced by javascript-obfuscator declared as a...
MAL-2026-6041 Malicious code in @mastra/upstash (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 109a798f50c4d4a1e3d840f494f4febeee6911daa9b2ecb5d1a6dfd7369a96c9 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/pg (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a70008c61b1e4ef205086d9fbbeb0435c8cee10e414626617fec6b946d45c84 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/libsql (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3bbbf064d557b14369949349954c599a26dda8f1d99e99bc5528c4b94e99bffb The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in ecto-corsair-flag-x9m4 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd1e74d04f91a92c7c0205e252bc0002095d0c1ce9b9e9390083d267422e8b10 On npm install, postinstall.js executes attacker logic gated by hostname and working-directory checks designed to fire only inside CTF-style containe...
MAL-2026-5674 Malicious code in @johntaohunter/forge-jsx (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2bfdaadccdf8be83d7d73486bbaef607a373bb063881e36a37ef0c0846e701b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in sass-formats (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ccda832d10cb642350129278ae1fc341d3be8b8302ddbf9bdcfc15eeeb6eae8 The package name sass-formats is one character-edit away from the popular sass-formatter package and reuses its original author field "author": "Syle...
MAL-2026-5631 Malicious code in tailwindcss-animatics (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b874b5b9324f64b8a30a60f2c89c8ea75dd40de7503a678c9d0e1829e53e8f01 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in npmjs_truffle-helper (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 25fbc74fbe261cc7bba8c1f9005f7b7573aff1240a5ac8bbf831a3ce8a7c23e1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in nodemon-webpatch (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b105e115122e719d986bfb11b73b58a67decc47f5a6b609b9f5e3ea496eb43ad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5085 Malicious code in web3-config-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dc426e6e28603268949be1817881f2269e7b0464c0fd513690f2f77b6637a719 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5068 Malicious code in evmchain-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6d325c67c3edd95dd9b9e24502f3c8d01369606c35e1231231383e34a24b2da7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4833 Malicious code in bulletproof-json (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 00849bd08fa4e9ebb1877039ab1ff287fd0ab89a683a45229176f717b6db1e9d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in motion-ui-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 21ddce58f1bde22bf0563aee5f71aefe48c82ad61076557935bf8fff16eb9df3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...