39 matches found
Malicious code in @ids-alpha/theme (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69b423c1268bb757d8dbdb3ed3f18f694342108deb76ca68405c72c2d9ca0775 The package @ids-alpha/theme was found to contain malicious code. Source: ghsa-malware a13c5be1a3936c956e02fd943b70f241a2dd8ced305b3e54165d16faae329b...
MAL-2026-1321 Malicious code in @openclaw-ai/openclawai (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f93eed751f0a289cca2167f2999e3757984b82f1dc815e9a68dd05b5a95b23d The package @openclaw-ai/openclawai was found to contain malicious code. Source: ghsa-malware...
Malicious code in @global-dax-ad-platform/dax-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e50b13916c14b17a01e550d32711ed37f8842bc2a0eede3ea254df64f7a0af1a The package @global-dax-ad-platform/dax-components was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1161 Malicious code in xpack-sui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6569d492596cfa28e2627bd747ac4bd380bf9ff0e7ce0d931036e5f8de9ed276 The package xpack-sui was found to contain malicious code. Source: ghsa-malware 3fab32aa3396f63ec52f77a3d6ba319776c90390afa1264937a1537dde583443 Any...
Malicious code in argon-web3-chain (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 608cea5b2c28269fa6aa53d4dcd211b83843a935732729e7ec08a2a2130d9209 The package argon-web3-chain was found to contain malicious code. Source: ghsa-malware 6680014069f64072ffb4e22ed7e3779a0b88e7c503644cb0a491d67605078c...
MAL-2026-402 Malicious code in vworldviewdir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0b210fefd46c64493bc3663c4af48a69cac8f12908d33018d20697bd2085c7c The package vworldviewdir was found to contain malicious code. Source: ghsa-malware 3dfab7849c9725e5a6853c4868c0e27a4013044ba3aa7602eb9fbb06bf714f62...
Malicious code in @mikudev/ridwan-signal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c96124a8175a81f43ffbd0c2b9acc96782560b9e737266ccac47204d9605f31 The package @mikudev/ridwan-signal was found to contain malicious code. Source: ghsa-malware...
MAL-2026-90 Malicious code in matic-transfer-consumer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2bf4eeb30140d673f8136ab4039e9f3bcc3f3b7d7482e96260a2806bf890eef The package matic-transfer-consumer was found to contain malicious code. Source: ghsa-malware...
MAL-2025-48287 Malicious code in sp-web-utils-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 18030241ea8f0cd79b1c6d323dfb7f1de0ede76c967166f73fcf51108f2ecc52 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47949 Malicious code in orvllaaa (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3584ab328dd8996e4d1e1746cfa59a920d22e771c85deee2eea112829de20ff0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47192 Malicious code in mysteryxyz228 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 22682ceec435c59527a3d5aef373a154b9df5154463ebbe5620cc739d5c7e57d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in vite-lightparse (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2be62813ca93fa71037568bc538e2ac083ad48faf1e5d0f362c4847d0f8a1b39 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in sforce (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a1006bbc6c749967a658f4450e8557dbe5aec05fcc5d4ef9a9d8fba16bbb0ff8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in gash (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a0d7e92080b720d7d708537639734002025adb32846e183163eab64fed19c17e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in event-handle (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 80089375c8962bc9b14ecf6eea6f7f669f3235efadc86a11dc4a601ea24b8581 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in merchanttoolserv (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b5064980441eee945866b35b80f2f2f2935f077673a4fa8f15c147e7f043c4d5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in bithumb-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 486276686eda2f4f675b363605d7e934f7665dfbca8a85f49d8b76a801f7ce43 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @diotoborg/aliquam-commodi-ducimus (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a90b39a2fd541fd9b1ff95299b0cab8d887493f1aa1cb5b237d0e571f56e1fd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @diotoborg/perferendis-illo-facilis (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 60aa8142e89a70ebb899e823e44c4f184f9682d8898576b8f3491fdd7b70fb1c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @diotoborg/id-fugiat-velit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8ace3906fe2cf66de6f9c0a2a32b2a356297501798a63aa94742747775b816b8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...