Malicious code in foundry-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4918af978c72d6459e02a9d0b1114f54cde7f3973b1cc3f61b497a0575269592 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in codex-devcontainer-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8248bf278df1e89da484099e912cdf9f8659976469a219bee14a03e2755391ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @service-suppliers/set_initial_loaded (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2bd44f16d8e16a982d3d1b38f7956db80de10ef3c0c176e7079e684926c1c3c7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-4297 Malicious code in @gbrlxvii/ts-env-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a87c7356d89cd5eab9c271d10f1a74e288d09e5cf9333a9ee102ef8a532b31dd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-4316 Malicious code in internallib_v95 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 446fa224122b28950a2a22289bd7a9bf4a29861cde218c495651e1e58da37176 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in auth0-internal-collector (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9cd9c4c46311fb401f00b6d79b338757ec70d4c666fcf65ab5ae95a90d686233 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-4315 Malicious code in flownodelp5 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 575f60ffff67c8ec6924f975f378d7185d634e49dec8e3cc8637941eabfeba83 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in levex-press (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f33c109f544ebe960d2fe2880abba71a8abbbcfc1b8042ca5c5d5d9e6ac6b557 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in chai-as-vec (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc2944243ad1e093008da195dce566e63cce55ebe7fe0f5eb98ad71ffaddb81d The package chai-as-vec was found to contain malicious code. Source: ghsa-malware 881a1aaf4a8b84da34d86f9eae83889cf848ee573bc5b1b0323a75edf9789e86 An...

Malicious code in cross-stitch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfe06155444d60d3774a256051b31f6a4814f484f33830cbe61eec7ebe611be6 The package cross-stitch was found to contain malicious code. Source: ghsa-malware 7c23bb77e762be76915e8202d11074aaa122efe0a8a32e403fa00ee8563c9bbe A...

Malicious code in frank-newton3-final-audit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7475946d315dcfc995a7c806043777be1e5a57b72c7c1313fc36944f37a52db1 The package frank-newton3-final-audit was found to contain malicious code. Source: ghsa-malware...

Malicious code in wrapped-logger-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe112208d0bcdd21ccfe23bb9c5658a1be2eebaf37068032ea67bb9f93559a9c The package wrapped-logger-utils was found to contain malicious code. Source: ghsa-malware...

Malicious code in tailwindcss-style-typography (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b625db5a21e8ed06ca7ce3b8d75adeff20b4179dbebe797b13486039aa74d6ea The package tailwindcss-style-typography was found to contain malicious code. Source: ghsa-malware...

Malicious code in magentaa11y (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 995b52a2411e3213a611e58f659a941136e8021a88e1d638a232018265d5c11a The package magentaa11y was found to contain malicious code. Source: ghsa-malware 1c1c14e542b99ac8e01a06fd61158c90ffe14fbedbf4834d97f38d65d477ebb5 An...

Malicious code in @solana-ipfs/sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 767b9130ad69548a70a52f86dfe12ae295731bb407cba85504eb9e02c56d64a3 The package @solana-ipfs/sdk was found to contain malicious code. Source: ghsa-malware 980d6b7d6391f5f58861078fac68f9222d3365190f1482debece7ae55b0170...

MAL-2026-1945 Malicious code in cryptopapi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8115fdc278d0fa50691d9381670d65784c4e58c7350c6f039f4cc48900003832 The package cryptopapi was found to contain malicious code. Source: ghsa-malware 36add754a3a299e4d93abe760b631b4a294d017297d11825b1fc1e2363030172 Any...

Malicious code in syntax-do-expressions (npm)

The package 'syntax-do-expressions' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

Malicious code in test-mal-npm-pkg-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e75a0b0eec22915db4ca63da2987beda61280504b532ef780e81b26d53e11d8e The package test-mal-npm-pkg-local was found to contain malicious code. Source: ghsa-malware...

Malicious code in selfbot-lofy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ef24f8180f463b198ff4fea466684c4439a31102aead233f8faa51b587ac0bb9 The package selfbot-lofy was found to contain malicious code. Source: ghsa-malware 1af8492fa4885fa5b969d5ef3947595dffa2f959bb4e1de73b9ca504dec215a8 A...

Malicious code in bee-quarl (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b90e7b3eadcb23e766223167d16f561fd64fe44ec63f6e77afefe38966da2fec The package bee-quarl was found to contain malicious code. Source: ghsa-malware 642b83461b49019b47d27820b1dbaed267f2365eecf5fc74467d02192ec662aa Any...