218 matches found
Malicious code in finkrouter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75cee0798d304ff9f0532df845511df6560314b8808664c15b3c3aa18f1953b5 The package's CLI shipped as cli.obf.js, the javascript-obfuscator output with RC4 string-array encoding and control-flow flattening per package.json...
Malicious Package
Overview @aifabrix/miso-client is a malicious package. This package was affected by the 'GlassWorm' supply chain attack. It includes a hidden malicious payload embedded with invisible Unicode characters. These characters hide a decoder that retrieves and executes a concealed payload through eval...
Malicious Package
Overview prefer-let is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior The package...
Malicious code in @oku-ui/dialog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25f15df16cf4e34ba65ddc24116d624b40ec91b0a9d12bacec8f2afd6ea3bc27 The package @oku-ui/dialog was found to contain malicious code. Source: google-open-source-security...
Malicious code in @oku-ui/toast (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b944224d9a502a3f5bb5f7bfb4530de52ce4ffac6f94c8588fdda2f22563953 The package @oku-ui/toast was found to contain malicious code. Source: google-open-source-security...
Malicious code in @voiceflow/dependency-cruiser-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f310f0649a09ab3e8f8ca155d2067e1f39ad9ac40a987851fd0dd352ffc268fe The package @voiceflow/dependency-cruiser-config was found to contain malicious code. Source: ghsa-malware...
Malicious code in @oku-ui/tabs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ce22352f26f8cfce834a6ce3362835601a48b73356305181e6d2b90062fcfa8 The package @oku-ui/tabs was found to contain malicious code. Source: google-open-source-security...
Malicious code in @voiceflow/commitlint-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0318a598c3e523953b57c870305c3d1237a290a253f3d69dd9f24bf6ba079d6e The package @voiceflow/commitlint-config was found to contain malicious code. Source: ghsa-malware...
Malicious code in selenium-session-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c213ecffb94ad5db9053c2dcf20681d6fe3a5baa0b8ed42d87e01c7ef930a704 The package selenium-session-client was found to contain malicious code. Source: google-open-source-security...
Malicious code in @browserbasehq/stagehand (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0147cee6c903a9fd8dabfedd42c60df91437e6a7a750bebff3c26ce687d4443a The package @browserbasehq/stagehand was found to contain malicious code. Source: ghsa-malware...
Malicious code in @voiceflow/circleci-config-sdk-orb-import (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93fddfa88f30512d04aa154c955befc6e560cd4a1600f731643caf20e799e5c8 The package @voiceflow/circleci-config-sdk-orb-import was found to contain malicious code. Source: google-open-source-security...
Malicious code in posthog-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b422f278bf27e062b349e97360b6919e773122f21656f23d6da583ce7cb1a92 The package posthog-js was found to contain malicious code. Source: google-open-source-security...
MAL-2025-191196 Malicious code in @browserbasehq/mcp-server-browserbase (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59c07fb8ebd39670ff0a8c67a71dc45872c40e94a70a4100940576791f12cd66 The package @browserbasehq/mcp-server-browserbase was found to contain malicious code. Source: google-open-source-security...
MAL-2025-191383 Malicious code in @voiceflow/vite-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e311606ae472f7551604c1c14cbf14f26fab216c76778f69086466466deac60c The package @voiceflow/vite-config was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191319 Malicious code in @silgi/scalar (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 718db30ae906e5148f4892029a4e6e20c813dfa5ef8eb9a76a46b1c1769445d3 The package @silgi/scalar was found to contain malicious code. Source: google-open-source-security...
MAL-2025-191344 Malicious code in @voiceflow/encryption (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13e58f7cdcdf3b87f5bbf111e42e13a1151626e495e15be73fc579109e397800 The package @voiceflow/encryption was found to contain malicious code. Source: ghsa-malware...
Malicious code in @voiceflow/stitches-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06695269b63d5e1d5d67fbf2ec3e8ba8a46439f10a30ca584e674ad93dbf53f1 The package @voiceflow/stitches-react was found to contain malicious code. Source: ghsa-malware...
Malicious code in @dev-blinq/ai-qa-logic (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bcfefccc1ff9a7579321c6e45d16fc6aa94b9eaa45952fe47d415c2ffcde9a4 The package @dev-blinq/ai-qa-logic was found to contain malicious code. Source: ghsa-malware...
Malicious code in @voiceflow/chat-types (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 427a4ea537f2410d7af761667dfaa0440a0ddbf74e1a963230491a8d6155e4fd The package @voiceflow/chat-types was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191376 Malicious code in @voiceflow/storybook-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8dad09f9af7bcfdd86347fd6e8c490939feed1f44cb5632ca2098db24ddbe7b The package @voiceflow/storybook-config was found to contain malicious code. Source: google-open-source-security...