Malicious code in @klapp-otp/routes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9246974efd1a626094dd3f2027df2e8f1468ce45ebcba42e5207a06c5c9e16ee On npm install, this package auto-executes index.js via the preinstall lifecycle hook. The script collects os.hostname, os.userInfo, dirname,...

Malicious code in unifi-portal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4c0cbc81f0d9b1df2dae7252888e87e046c36d049f2792dc7fc49d72ec1d9c6 Package is a self-described dependency-confusion proof-of-concept published unscoped on the public npm registry under a name presumed to match a...

Malicious code in encrypted-archive (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c60d89261c09dc6eaea0a3af26af55519421cb927a1b8183009d09b2d4e99b94 On npm install, the package executes a preinstall hook package.json "preinstall": "node index.js || true" that runs index.js, which performs a DNS...

MAL-2026-5095 Malicious code in @challenger6/vm-pattern-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 396b490a90fc45f797d57bb02503489b3a924a18b927cabce392cad7f591c868 The OpenSSF Package Analysis project identified '@challenger6/vm-pattern-library' @ 99.0.0 npm as malicious. It is considered malicious because:...

Malicious code in @stockrepublic/republic-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 300b309644b646817c47a283d8b9aaa018e8ae0f59986207f55fd0c39dca872a The package masquerades as an internal @stockrepublic component version 99.0.0, description 'Runs git diff and saves the output to git.log on install...

MAL-2026-4289 Malicious code in @stockrepublic/republic-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 300b309644b646817c47a283d8b9aaa018e8ae0f59986207f55fd0c39dca872a The package masquerades as an internal @stockrepublic component version 99.0.0, description 'Runs git diff and saves the output to git.log on install...

MAL-2026-4258 Malicious code in @engagehub/core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bcc397ed87426726776c339f950939ac2da46c12edd018ed4bc48031f7044094 All three lifecycle hooks preinstall, install, postinstall in package.json invoke node telemetry.js, so the payload fires unconditionally on npm...

Malicious code in @engagehub/core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bcc397ed87426726776c339f950939ac2da46c12edd018ed4bc48031f7044094 All three lifecycle hooks preinstall, install, postinstall in package.json invoke node telemetry.js, so the payload fires unconditionally on npm...

MAL-2026-3810 Malicious code in @pluxee-connect/account-db-api-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49a36af66b1c55fbf7a78529c1fe2d15b819cef018300a03cdc8e0a1b59f36c9 Version 99.0.0 of this package targets an internal-looking npm scope and ships a postinstall.js that, on every npm install, reads os.hostname,...

Malicious code in @pluxee-connect/account-db-api-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49a36af66b1c55fbf7a78529c1fe2d15b819cef018300a03cdc8e0a1b59f36c9 Version 99.0.0 of this package targets an internal-looking npm scope and ships a postinstall.js that, on every npm install, reads os.hostname,...

Malicious code in bui-react-10components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fd97accb94b52913accc33671fd34134afa96fd92bc09e5d0c440eef9b1a8c6 The package bui-react-10components was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in camelotlabs-config (npm)

Five packages camelotlabs-sdk, camelotlabs-core, camelotlabs-config, camelotlabs-worker, and camelotlabs-utils were published to the public npm registry at version 99.0.0 by the actor madman0619 as a dependency confusion attack targeting the internal npm packages of Camelot Labs. The inflated...

Malicious code in coinmate-typescript-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fbfed1f09c009e285a20b7f2914257795846bf558a735467cb742ab4bc53165b The package coinmate-typescript-client was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in paysafe-card-payments (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd96859314d03d59ade846da5a5e56c7ae94d0590b341daba6a96438499c7bfa The package paysafe-card-payments was found to contain malicious code. Source: ghsa-malware...

Malicious code in paysafe-apple-pay (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 15aa5a144ffc676202fd8bcc53b7d07b3de04e7320bbae90b2bfc57d67d94c80 The package paysafe-apple-pay was found to contain malicious code. Source: ghsa-malware...

Malicious code in bytefrontier-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a29cf25347b160fe6625e86e0df46723174e739cebc771b5d08eab295a68aae The package bytefrontier-sdk was found to contain malicious code. Source: ghsa-malware 6f9b7385e8f58c8b6fad1067fb18e542229655e25153a257aaad92c7a9cc96...

MAL-2026-2423 Malicious code in bytefrontier-partner (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6b7c067c478263090ed1c2af69f93fb08ed460a91f5e70203c0de2037710507 The package bytefrontier-partner was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2427 Malicious code in partner-tracker-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abcff950068cf454cf07ead8614f95dd6291f4204f72ada102c7b4c3d72c0cd1 The package partner-tracker-api was found to contain malicious code. Source: ghsa-malware...

Malicious code in vv-ftend-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3096bbbc1b06c1a0df854ff812112a3d902b8a5c8926880c146f8b36e8497897 The package vv-ftend-core was found to contain malicious code. Source: ghsa-malware 31aa4449ee3c83b67dd8e118498746b83b9b02e0d8fe6c095f6d08f6c7a9b62e...

Malicious code in cms-catalogue (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d08a53064a76469a8b5ab4afdb3aa2907127f26f98ac8255e3ae650f8ce5d1ba The package cms-catalogue was found to contain malicious code. Source: ossf-package-analysis...