Malicious code in joi-pack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ca38e3574ffcb0fabb105616e28108137c8256e2c70aeede59623bca5df496a The package declares a postinstall hook "postinstall": "node postinstall.js" in package.json that runs unconditionally on npm install. The script's o...

MAL-2026-3763 Malicious code in exxpress-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfa81f7c144d5feeea9c49254fbeec68f8271460d4a51efd5757a62b251c05f2 The package declares scripts.postinstall pointing at postinstall.js, which runs automatically on npm install. The script performs three...

Malicious code in cheerio-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d51a2885f4eaff732d1ef7ab065b04d21c59263b1212d5b92b92c87914ef879 cheerio-tool typosquats the popular cheerio HTML parser README claims 'Cheerio Tool utility helpers', keywords are 'lodash','utilities', and index.js...

Trust Wallet Core 安全特征问题漏洞

Trust Wallet Core is an open source, cross-platform, mobile-centric library from Trust Wallet, Inc. A security vulnerability exists in Trust Wallet Core versions prior to 3.1.1, Trust Wallet browser extension prior to 0.0.183, which stems from mt19937 Mersenne Twister uses a single 32-bit value a...

Hiro: Security Issue into Wallet lock protection

Description While testing wallet extension i generally try to test multiple endpoints, so 2 tabs were open of wallet on chrome-extension://ldinpeekobnhjjdofggfgjlcehhmanlj/popup.html So i tried to lock Wallet extension buti found that i can still use browser in 2nd tab, why i had already locked...