3486 matches found
Malicious code in vps-adapter-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 721f18c9af5bbc2ee66386230d6d7c389cf862f4e5982c65a6368117a05b2f93 On npm install, the package's declared postinstall script postinstall.js executes an end-to-end host takeover against the installing user: 1 appends ...
Malicious code in paperclip-host-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7e57197a05889313009e318f52b5c6831e6ce6ce928553210c489433d2ef87c On npm install, package.json's postinstall executes dist/setup.js and dist/postinstall.js. The scripts read installer-side secrets — /.aws/credential...
Malicious code in ts-bigtn (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3fe9cda51a9c873f69575fec5aada84c81b0b7e907d060f28d6c6e95dc381911 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6894 Malicious code in tracing-str (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 466143b5f195d4924e2227921a288954ecec9ed34d52af8ff433056f5ff56903 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in polymarket-onchain-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 73556a574d8ee416a5440f889b73cafff3b464650d6b2b2caf4001ce15086f6c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in log-format-thread (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 778c35bb8086ee3d81fc8c882aa7e47144695564bc017c2fc71022695b47601d The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in bootstrap-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9ac4913fc1ffcabe1ed6637abc6d532abc014683f48b341ece6127a51da15d8 The package's index.js is heavily obfuscated with classic string-array shuffling patterns e.g., while!! loops with repeated 'shift' calls and...
UBUNTU-CVE-2026-54887
Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtlsserverconnection:initialhello/3 initializes previouscookiesecret to the empty...
Malicious code in @orbis-lr-sdk/orbis-lr-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 447ee314f32023031250cefe4570378f31d8055a02384eccecb5c288ae6e2405 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @ms-ows/logging (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b7ffaf65611a7bb55512d442ab6d19f3b1c702db0224b994e0b80df4f30e1dff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @gm-rvg/root-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 439c6ce041ad5226eefdab8b99045e573701e66838e908be4fa6d3b0ee6e8a7b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @experian-shared/services (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b9781b2089d3aeafbedfe7c81af43904472553991bd7e50695ab301d4529eaa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in serverless-leo (npm)
The serverless-leo npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...
Malicious code in mjs-eslint-service (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7e95cb81c6a1238d751c013def46001948b388083e0d91f7baa5077091ae006 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/node-speaker (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d1fc45cd66b93c4e1a83c1743f1ac9ee3ebea854208b1a9cae83ee957ebfd83 @mastra/node-speaker is a PCM audio output library wrapping native mpg123 bindings. Its package.json declares 'easy-day-js' ^1.11.21 as a runtime...
Malicious code in @mastra/node-audio (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e67f59921eaf19b7b608ed824610779a1929306854008a2a1633edf67bca3b7 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/voice-deepgram (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45c6269a96366ca5cb804b7078f3eb2d0306ac86335922e3b00a17db6426024c The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-6019 Malicious code in @mastra/docker (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dd2417620dd4f98c496cdb956e0e2cf1b55f25dcc57ad7a360f072acfa88ba9c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @mastra/turbopuffer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d73c50676f96c5af47167ce4405b1f53a38feb3cbd8a3eaf93fe262479680403 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/deployer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ada3444d44067bbe5085e0892f7885b106c016c114676c2601b15bbb52ce4a4 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...