285 matches found
MAL-2026-6788 Malicious code in datefmt-helper (npm)
The npm package datefmt-helper is a supply-chain dropper disguised as a benign date-formatting utility its description reads "dates formatting utility with locale support". The package ships no source repository and places its real behaviour in an install script. A postinstall lifecycle hook...
MAL-2026-6691 Malicious code in polymarket-clob-maths (npm)
Malicious npm package published as part of a coordinated DeFi-themed infostealer campaign targeting Polymarket developers. polymarket-clob-maths uses a dropper technique: a postinstall hook fetches a remote bundle from trabalhos-flax.vercel.app and executes a syncSession function that runs a...
MAL-2026-6688 Malicious code in console-fmt-cli (npm)
Malicious npm package published as part of a coordinated DeFi-themed infostealer campaign. console-fmt-cli uses a side-loader technique: it declares decimal-format-core =3.0 as a dependency, which contains a dropper that executes at install time via a postinstall hook. The dropper fetches a...
CVE-2026-10735
Multiple Shapedsmart-post-show-pro WordPress plugin before 4.0.2, Real Testimonials Pro WordPress plugin before 3.2.5, Product Slider for WooCommerce Pro WordPress plugin before 3.5.3 Pro smart-post-show-pro WordPress plugin before 4.0.2, Real Testimonials Pro WordPress plugin before 3.2.5, Produ...
Malicious code in bn-lint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c14057d91b2283926b2b0c1093a66db17c40efbd0ceb21c29b0bdbfa79736da5 Package is published as 'bn-lint' but ships a verbatim copy of MikeMcl/big.js README, source, version banner v7.0.1, and repo URL all identify as...
MAL-2026-6376 Malicious code in bn-lint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c14057d91b2283926b2b0c1093a66db17c40efbd0ceb21c29b0bdbfa79736da5 Package is published as 'bn-lint' but ships a verbatim copy of MikeMcl/big.js README, source, version banner v7.0.1, and repo URL all identify as...
CVE-2026-10735
Multiple Shapedsmart-post-show-pro WordPress plugin before 4.0.2, Real Testimonials Pro WordPress plugin before 3.2.5, Product Slider for WooCommerce Pro WordPress plugin before 3.5.3 Pro smart-post-show-pro WordPress plugin before 4.0.2, Real Testimonials Pro WordPress plugin before 3.2.5, Produ...
EUVD-2026-38693
Multiple Shapedsmart-post-show-pro WordPress plugin before 4.0.2, Real Testimonials Pro WordPress plugin before 3.2.5, Product Slider for WooCommerce Pro WordPress plugin before 3.5.3 Pro smart-post-show-pro WordPress plugin before 4.0.2, Real Testimonials Pro WordPress plugin before 3.2.5, Produ...
Malicious code in @emcd-vue/loans (npm)
Part of a coordinated multi-package supply-chain attack impersonating EMCD emcd.io, a legitimate Russian cryptocurrency exchange and mining pool. The attacker registered the @emcd-vue npm scope to distribute multiple malicious packages posing as internal tooling. This package was published 90...
MAL-2026-5165 Malicious code in @emcd-vue/loans (npm)
Part of a coordinated multi-package supply-chain attack impersonating EMCD emcd.io, a legitimate Russian cryptocurrency exchange and mining pool. The attacker registered the @emcd-vue npm scope to distribute multiple malicious packages posing as internal tooling. This package was published 90...
Malicious code in @t-in-one/only_difference_payload (npm)
Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...
MAL-2026-5033 Malicious code in @t-in-one/add_app_middleware_token (npm)
Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...
MAL-2026-5034 Malicious code in @t-in-one/add_application (npm)
Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...
MAL-2026-5037 Malicious code in @t-in-one/application_id_storage_key_token (npm)
Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...
Malicious code in @t-in-one/form_product_token (npm)
Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...
Malicious code in @t-in-one/safe_local_storage_token (npm)
Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...
Malicious code in @t-in-one/add_application_service_token (npm)
Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...
Malicious code in @sber-ecom-core/sberpay-widget (npm)
Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...
Malicious code in @t-in-one/get_application_hid (npm)
Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...
Malicious code in @t-in-one/add_app_middleware_token (npm)
Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...