3480 matches found
Malicious code in paperclip-host-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7e57197a05889313009e318f52b5c6831e6ce6ce928553210c489433d2ef87c On npm install, package.json's postinstall executes dist/setup.js and dist/postinstall.js. The scripts read installer-side secrets — /.aws/credential...
Malicious code in vps-adapter-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 721f18c9af5bbc2ee66386230d6d7c389cf862f4e5982c65a6368117a05b2f93 On npm install, the package's declared postinstall script postinstall.js executes an end-to-end host takeover against the installing user: 1 appends ...
MAL-2026-6894 Malicious code in tracing-str (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 466143b5f195d4924e2227921a288954ecec9ed34d52af8ff433056f5ff56903 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in log-format-thread (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 778c35bb8086ee3d81fc8c882aa7e47144695564bc017c2fc71022695b47601d The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in bootstrap-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9ac4913fc1ffcabe1ed6637abc6d532abc014683f48b341ece6127a51da15d8 The package's index.js is heavily obfuscated with classic string-array shuffling patterns e.g., while!! loops with repeated 'shift' calls and...
UBUNTU-CVE-2026-54887
Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtlsserverconnection:initialhello/3 initializes previouscookiesecret to the empty...
Malicious code in serverless-leo (npm)
The serverless-leo npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...
Malicious code in mjs-eslint-service (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7e95cb81c6a1238d751c013def46001948b388083e0d91f7baa5077091ae006 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/node-speaker (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d1fc45cd66b93c4e1a83c1743f1ac9ee3ebea854208b1a9cae83ee957ebfd83 @mastra/node-speaker is a PCM audio output library wrapping native mpg123 bindings. Its package.json declares 'easy-day-js' ^1.11.21 as a runtime...
Malicious code in @mastra/node-audio (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e67f59921eaf19b7b608ed824610779a1929306854008a2a1633edf67bca3b7 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/voice-deepgram (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45c6269a96366ca5cb804b7078f3eb2d0306ac86335922e3b00a17db6426024c The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-6019 Malicious code in @mastra/docker (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dd2417620dd4f98c496cdb956e0e2cf1b55f25dcc57ad7a360f072acfa88ba9c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @mastra/turbopuffer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d73c50676f96c5af47167ce4405b1f53a38feb3cbd8a3eaf93fe262479680403 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/deployer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ada3444d44067bbe5085e0892f7885b106c016c114676c2601b15bbb52ce4a4 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/fastify (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ba29e7c4e2320b4f5852c18ded92c92021cfbc47d5bf8146b1a93ffa58260c7 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8918dd16aca072972c93ebb866b08d6d5fda0b443955a2d4589ecbdbf4b87539 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/dynamodb (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2567710170942391d967675952bbdd9cd0f8d933cc39e4cf4460ca4c5b700097 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/schema-compat (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3037c66f9c4357ce9a1c2ec848e86eeef189f1b1a2c3f9f6c891963cf60049c0 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-5954 Malicious code in @mastra/libsql (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ae3d2946dd7a5ef81d52da321aac5fce8fe40c59a844491d6e6a07c1c84b08ee Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in hot-validation-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c76065c270ae195ee042c46a6d0ade5737992948d3f3068f367fc6bfef474ce9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...