Malicious Package

Overview solidity-coverage-plus is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

Malicious code in solidity-coverage-plus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44e5a7775aa2bbde61d35a548198d976f9bdc6e9b11de33a2e28f6a6a9929de6 Package name impersonates the well-known solidity-coverage Hardhat plugin sc-forks and ships a verbatim copy of the upstream README. On...

MAL-2026-4672 Malicious code in solidity-coverage-plus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44e5a7775aa2bbde61d35a548198d976f9bdc6e9b11de33a2e28f6a6a9929de6 Package name impersonates the well-known solidity-coverage Hardhat plugin sc-forks and ships a verbatim copy of the upstream README. On...

Malicious Package

Overview solidity-deploy-guard is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2026-4218 Malicious code in solidity-deploy-guard (npm)

A coordinated supply-chain attack comprising 10 npm packages published by maintainer ddjidd5640 [email protected] within a 48-hour window 2026-05-19T03:55Z – 2026-05-21T04:31Z. All packages masquerade as legitimate Web3/DeFi developer security tools MCP servers while silently exfiltrating...

Malicious code in solidity-deploy-guard (npm)

A coordinated supply-chain attack comprising 10 npm packages published by maintainer ddjidd5640 [email protected] within a 48-hour window 2026-05-19T03:55Z – 2026-05-21T04:31Z. All packages masquerade as legitimate Web3/DeFi developer security tools MCP servers while silently exfiltrating...

Malicious code in solidity-linter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bc1e53cd2c5e0f2cd7874aca89da54334315bfff4129c14965247a454a835c7a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-3736 Malicious code in solidity-linter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bc1e53cd2c5e0f2cd7874aca89da54334315bfff4129c14965247a454a835c7a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview solidity-linter is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in solidity-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 12e7b93d8eb164aafa0ae5488f7f7ceff21ceedac5f762e6c2618e85854df65e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-3735 Malicious code in solidity-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 12e7b93d8eb164aafa0ae5488f7f7ceff21ceedac5f762e6c2618e85854df65e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview solidity-lib is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

codex-solidity

⛓️ Codex Solidity — Smart Contract & Protocol Audit Agent Imp...

Aether Smart Contract Security Analysis Framework 6.0

Aether is a Python-based framework for analyzing Solidity smart contracts, generating vulnerability findings, producing Foundry-based proof-of-concept PoC tests, and validating exploits on mainnet forks. It combines Solidity AST parsing, taint analysis, control flow graph analysis, cross-contract...

Aether Smart Contract Security Analysis Framework 5.0.2

Aether is a Python-based framework for analyzing Solidity smart contracts, generating vulnerability findings, producing Foundry-based proof-of-concept PoC tests, and validating exploits on mainnet forks. It combines Solidity AST parsing, taint analysis, control flow graph analysis, cross-contract...

Aether - Adaptive Exploit and Threat Hunting Engine for EVM-based Repositories 5.0

Aether is a Python-based framework for analyzing Solidity smart contracts, generating vulnerability findings, producing Foundry-based proof-of-concept PoC tests, and validating exploits on mainnet forks. It combines Solidity AST parsing, taint analysis, control flow graph analysis, cross-contract...

SmartContract-VulnHunter

🛡️ SmartContract VulnHunter The ultimate smart contract securi...

Aether Smart Contract Security Analysis Framework 4.7.1

Aether is a Python-based framework for analyzing Solidity smart contracts, generating vulnerability findings, producing Foundry-based proof-of-concept PoC tests, and validating exploits on mainnet forks. It combines Solidity AST parsing, taint analysis, control flow graph analysis, cross-contract...

CVE-2024-34704

era-compiler-solidity is the ZKsync compiler for Solidity. The problem occurred during instruction selection in the DAGCombine phase while visiting the XOR operation. The issue arises when attempting to fold the expression !x cc y into x !cc y. To perform this transformation, the second operand o...

A Systematic Study of Code Obfuscation against LLM-Based Vulnerability Detection

As large language models LLMs are increasingly adopted for code vulnerability detection, their reliability and robustness across diverse vulnerability types have become a pressing concern. In traditional adversarial settings, code obfuscation has long been used as a general strategy to bypass...