Malicious code in pulse-scroll-triggered-list-items (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5917623184677210f5a42bead660945379d7a3c1cabf055e011a2794a233d517 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in ty-search-suggestion (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 002ad12f14550389fc7ba00e11d256e776249a0239a346e232dc8f6186ab7a76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in storefront-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f98f783cc760be758abd241914b7bb745e69248c87c20f1b84d14a522676413a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in puzzle-asset (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa20758e3fc1eaf5b167758e00f73f4f8cead459061a4971f7358e8aa7f436b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in uipagain (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ce51f32914790894849b4c106fc9daf33bdbf5fc2cce5fbe8629a73ff78d2cbc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in anduril-sdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a5cbc3053e38d3280b6e93548f32f64751b0499f79b439459b733d4ca88b426f During installation or import, the package exfiltrates basic information in a dependency confusion attempt. The user identifies themselves as a HackerOne user...

Malicious code in @emilgroup/task-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4aef8ca2987206595d5c54a2df6265669bdb67ca99915bb763ac38f2d6a46d7 The package @emilgroup/task-sdk was found to contain malicious code. Source: ghsa-malware...

Malicious code in @emilgroup/commission-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85f1482a778fd65de3055f40733fdf55e9e0e2c3495dda2c72ff686d0841b91c The package @emilgroup/commission-sdk-node was found to contain malicious code. Source: ghsa-malware...

Malicious code in @emilgroup/setting-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd7001495cf0c7d9cbe60f2b406b90b4fc34d7a8fc8477c45780cefddf26e28b The package @emilgroup/setting-sdk-node was found to contain malicious code. Source: ghsa-malware...

Malicious code in @emilgroup/auth-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ccb489120e1ad55e75b6bacdf15a54015c9de9959ea853cd391dc4dd66948001 The package @emilgroup/auth-sdk-node was found to contain malicious code. Source: ghsa-malware...

Malicious code in @emilgroup/insurance-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddc13f3218d4cac889a3d7c9d646430c04959f242c5c6cb593d3a31f84baa7a4 The package @emilgroup/insurance-sdk-node was found to contain malicious code. Source: ghsa-malware...

Malicious code in @emilgroup/accounting-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81b18ede5b5fb4b02a83fa00e0ee9bed39f2a9aa04a952734abf0022f00f7bf4 The package @emilgroup/accounting-sdk-node was found to contain malicious code. Source: ghsa-malware...

Malicious code in @emilgroup/payment-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83fcb6922c65850eff14baf7a463c2b14b358ffebdc5a15c312ec7328a142407 The package @emilgroup/payment-sdk-node was found to contain malicious code. Source: ghsa-malware...

Malicious code in @emilgroup/insurance-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 204ac599e2496ac1b276283252ae142c05b28ebf89e2f63d3a0c664f2ccac7af The package @emilgroup/insurance-sdk was found to contain malicious code. Source: ghsa-malware...

Malicious code in @emilgroup/customer-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58c6f159066f875aefa2d05b7fe166f8b55f075694d1badead1ec998bb6e396c The package @emilgroup/customer-sdk was found to contain malicious code. Source: ghsa-malware...

Malicious code in @emilgroup/claim-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a86e7c53acc9840bac58a8ff7aca0a0d40a03ab2a8ac73dd55d0314373528800 The package @emilgroup/claim-sdk was found to contain malicious code. Source: ghsa-malware...

Malicious code in @emilgroup/gdv-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c4f423945b0d9a114bae821ae46ab06d9850ba5611917eb80d940c47771e3ed The package @emilgroup/gdv-sdk-node was found to contain malicious code. Source: ghsa-malware...

Malicious code in @emilgroup/auth-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b1a3b316a5288730ac37792c1fa0b0b17961a04a06250cb2c9a4d36acb3e117 The package @emilgroup/auth-sdk was found to contain malicious code. Source: ghsa-malware...

Malicious code in pipinpeace-env (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b76166abb6c7173f1cc74e41509f4ded1be2de5cea682016e00001e4e23b75a9 Package is designed to exfiltrate env variables during installation. However, it requires providing a URL as an installation parameter, which suggests it's mor...

Malicious code in @mesh-components/customthemeprovider (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20b2e29319a8cb96867858b20a43a684624167dc62c186de47de7e7e7e8c8a2a The package @mesh-components/customthemeprovider was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in address-autocompletetest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b797224d264945b820a632a44fdf26c3baa54e8f1b5f6fe3db4a1739ee726f58 The package address-autocompletetest was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in laserlogsink (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3028499625bf1c6a218f2332e6cecfd2af12b14859ce0411350e5ae84670a067 The package laserlogsink was found to contain malicious code. Source: ghsa-malware 474d1b0019630f528f0f4bbed72d636f649257ffca929db3211799fe870a13cb A...

Malicious code in nspack (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7741f090145e1e4bbd7998edba9c8151bd5dd3380adaa430e8f05cb2c814396f These packages are used as build dependencies of malicious packages in newer waves of the campaign 2026-02-urllib-slim. They are used to split the malicious...

Malicious code in nsscache (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f799f92bcb0f24e47655a4a38d97a8981bad8f31f28f7d82a5378ae8aa0f1c74 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in composer-dev (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7be3393e5cd932abe1668adaa58f526e25b1a6ab2ef4945eadeb60e68493c7ef Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in json-specular (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21e4ef994911ed1494838bbc4c0f20fb4e194a7e264a9e7014759d9e23466ac9 The package json-specular was found to contain malicious code. Source: ghsa-malware 1bb4124a4b5522f2d7f36098f59a85a760b3e029a30baffafa922a34d2e7a21c...

Malicious code in kyxhiagent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 985abb24ef3818e6c2ef2e790091b87b25294c5bebf9178c19c7d4b795b022bd The package kyxhiagent was found to contain malicious code. Source: ghsa-malware ef1853d56bb18df4db70df3663e706c9b0e1eff4c8bf9351147e156d1b7ed8b3 Any...

Malicious code in fadlsjf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7851237c54cc21d98214fdd4c10550fb6665672f78c6f685de666e25f116c54f The package fadlsjf was found to contain malicious code. Source: ghsa-malware 84c2aa35dc6cdbc9581e9c90d31fc8048bf73c56102725c533f82882b2aa3422 Any...

Malicious code in mtpmysql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d398ba3dd05ce79a06fb2a2433842d601f917e38ffaa3ad94c02adc1bdb3b67f The package mtpmysql was found to contain malicious code. Source: ghsa-malware 0c3a7ad80c6454678adb0b86352965523e6157aec98c3976686697663fd882e8 Any...

Malicious code in parsejson-pro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bee06fce3066f17a6400fc1800b42e5c53eeb9826bb9672cec6ad8ff65306807 The package parsejson-pro was found to contain malicious code. Source: ghsa-malware f2f105fb92bd66d0baadfb4bc605643a2eaff5cd51a4d565f82f61e4c0cb3a71...

Malicious code in spstargm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54ce1a8a7d00ca1aef6f9b8efb51402365637ca06d3d60ac779221ed3c0827d9 The package spstargm was found to contain malicious code. Source: ghsa-malware a0415f3c475983a53adb25756b7fd123d025c7be9670499938f81de0229f596e Any...

Malicious code in polymarket-onchain (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2766ecc75c1eebb5fc12c56509494d72472b8b2a8a2c0ebdb296bdfbcc06023d The package polymarket-onchain was found to contain malicious code. Source: ghsa-malware...

Malicious code in clob-client-sdks (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d71cb09660dc0e81eb08d723da80d7cbe9f2390137596cfead83820db53f0674 The package clob-client-sdks was found to contain malicious code. Source: ghsa-malware 2ff610e554b6569926182810264eb97b765d9c2fde7e3a53fc3c8e16388b79...

Malicious code in @validates-sdk/v3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14f6dc99183ad11d3293d19966af14cd33cf7ed4ad00f3de9d6f07e5842a9234 The package @validates-sdk/v3 was found to contain malicious code. Source: ghsa-malware...

Malicious code in @solana-launchpads/sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e2c89ed75f226eef50b8af164fed8d3e86773096aa480de467c72f133f02d6a The package @solana-launchpads/sdk was found to contain malicious code. Source: ghsa-malware...

Malicious code in pretty-ts-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3252c2860c3dca66dbc03f90407ce4f37b310c8e4f6bfc6485625b1b7d926cd2 The package pretty-ts-logger was found to contain malicious code. Source: ghsa-malware 0c811c327f0147313f0f5362e62e94d0aadf15ac53937bb3e88b133748db9c...

Malicious code in libavcodec-extra (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 00a68b4208fb4614b815e8a867c2155a8667b424e6457e3b72da362edbad9615 During installation or import, the package exfiltrates basic information in a dependency confusion attempt. The user identifies themselves as a HackerOne user...

Malicious code in changelog-logger-wrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector caec1e4b5fc6ded7cff261c7800c1e9753b865564ac6af1674b9450e4c15f577 The package changelog-logger-wrap was found to contain malicious code. Source: ghsa-malware...

Malicious code in wn-idv-persona-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77973c6ca0ba60bf7105d4250b88b0fd7b3304dd3fe9ead1072912d8e724b21f The package wn-idv-persona-client was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in chai-as-constrained (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea5f87c9fffb9b32d6390a3922c9a8bfc616a693910c9a8d7599cfa8ef11c9e9 The package chai-as-constrained was found to contain malicious code. Source: ghsa-malware...

Malicious code in urti (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce210748591c19c8937ecaf130c45acf772c6e762dc06ce07f48d5d8d512c451 The package urti was found to contain malicious code...

Malicious code in testctfproject1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0241d3ce12f62f172b0ccb8117908153a7539b8ca28786a07a1e2866255ad52e The package testctfproject1 was found to contain malicious code...

Malicious code in stnsxmp3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ceb45e3044f3a3acbefdbdf144ca9aae81091d1cfdf84f5768de4df7176a231 The package stnsxmp3 was found to contain malicious code...

Malicious code in sheinx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 491bd46d3cc55fb18d3343ede29a51034a964051c1fd6a6ad8cf709fe18fac83 The package sheinx was found to contain malicious code...

Malicious code in ref-selector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0eccb0ad0032090e5db9e517390d5f67fec7413858f4422498155a54ed1260ce The package ref-selector was found to contain malicious code...

Malicious code in react-query-core-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3bce94f40a0e1879b184cd9f5abb5f4850d66aa5705b231b41337c2e2e33a3de The package react-query-core-utils was found to contain malicious code...

Malicious code in ranko887 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43ccc3824edef6d50613c4b4b27c79676ff219a2ce6741185045e6ccc85d31e2 The package ranko887 was found to contain malicious code...

Malicious code in proleis-web-file-input (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 245fa1a911f89e0a94db5dda7b80b9f2b64e0bbbbfeb9618b3e013f4da4f212c The package proleis-web-file-input was found to contain malicious code...

Malicious code in player-button (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ef576512d757081a6ffcf3225a09220078dde23b0825b516ee210f6bf1b0c94 The package player-button was found to contain malicious code...

Malicious code in phx-core1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdfc7e69d1774fadc3af102b3a8a5de2b3faccdf9341797410b4d9dedc3c17ba The package phx-core1 was found to contain malicious code...