Malicious code in @sommos/create-program-template-form-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa7bdf06061a821a92bec72c1ea8826213552ec4486d81e7776553a74293dd79 The package @sommos/create-program-template-form-data was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in overstock-component-library-v3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3047a2aa0008e3dd53a44ed19238f41540af1763edd48a5db147506a32e6bf77 The package overstock-component-library-v3 was found to contain malicious code. Source: ghsa-malware...

Malicious code in rank4222wun (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8943e200fcb8e9490a807104f88b84a3de7f0755cf78db6eabf1622e2116b7bb The package rank4222wun was found to contain malicious code. Source: ghsa-malware b038264ab3a4c0c18b74f04b49afed8d46c5294841a752da7aa3455b32eaa8e1 An...

Malicious code in ntwsc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 101f5ffdce019ee61ce0775bc9de5dba96de50e5e03e8fd70ac1b30b28cf13e0 The package ntwsc was found to contain malicious code. Source: ghsa-malware ef0dd5d822ddc7c0a00339f31b43d1a99cf79532857cdd157bf1eeb4b2a31ea2 Any...

Malicious code in cflashfiles (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d8c5174968b7dedf000076201fe6446018aa61048b6a77fc8bc42e16bb796fd9 Malicious clone of legitimate fsspec package. The code was modified to exfiltrate specific files on import. --- Category: MALICIOUS - The campaign has clearly...

Malicious code in @ikeacn/icons (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6ddd87692493182b2706890d61f428455b6686768925e979c7ad73ed8aed0b8 The package @ikeacn/icons was found to contain malicious code. Source: ghsa-malware 1fd9107408adaea60e793eab4b396b70fa0ec9b4dff087a3f16e52eb21be6450...

Malicious code in pay-by-bank-dashboard-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20c58f9aa900a5052fd440dd0a9a3e3ecb345fb4fee2be527b5af385485ee224 The package pay-by-bank-dashboard-server was found to contain malicious code. Source: ghsa-malware...

Malicious code in @mailpoet/eslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c16934b5188a78db664e2c22b5fbfd7b089e580072216391bbf8925261484d0 The package @mailpoet/eslint-config was found to contain malicious code. Source: ghsa-malware...

Malicious code in @mailpoet/component (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d48b40574c65ef747944583fa5a49ac40b673d6932a02247c2cdbd5331a79179 The package @mailpoet/component was found to contain malicious code. Source: ghsa-malware...

Malicious code in rank253222 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5018dad195b0f107123f1ab9240ebe4944cd08688982be0c2e9c6203ba9cff1 The package rank253222 was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in ttam-ploy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 48447bed9470950f80afc68786c557605185768ddc394b2032973dc1b6bde276 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in 1q847 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fe398aee3ca61989d1610e4b2edae183ef70d5fabc08709875ca9ef8725d82c5 Package contains two DLL libraries, one of them packed. Both are widely recognized as malware. The exact behavior is not known --- Category: MALICIOUS - The...

Malicious code in aligntype (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00d265590e58665b4942474738b7d5beca8f636eb79e8761f736088d603f9277 The package aligntype was found to contain malicious code. Source: ghsa-malware b0d41c223d47ebc018df2b4ee07cde5c197d028c7b973a32f34bcb4e19e9a7fd Any...

Malicious code in qdrant-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ad84f3d1657583a0a6fa9d58b06258298369ea5e4ee10ac0516c3f641b33871 The package qdrant-js was found to contain malicious code. Source: ghsa-malware 789e158c461e8c11f86da5b04f09dab1797536199084bf548efc2f3ee13b33f1 Any...

Malicious code in replicate-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f84c6cb090eb31f1b2c516b45419d7833bca83f5546d22444032d28a07d27f40 The package replicate-js was found to contain malicious code. Source: ghsa-malware 658bf1d6aa22bb672e5ae9724e34b94ee7ff73e7cd4381ff4a6a8c9c2d1267fa A...

Malicious code in plugin-react-swc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 197cedd065670a6a39b4401d52b2a636d5ff18f26c378b571770286a807ec467 The package plugin-react-swc was found to contain malicious code. Source: ghsa-malware cba9afea98505469e9b9f36095ab566e5cd857b54255290d9defa67c40c62a...

Malicious code in oce-validate (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2cc6b17601336bdff3872b33d794187edf7b7a3779e96d01d0eb1081e043ecf5 The package oce-validate was found to contain malicious code. Source: ghsa-malware 4e0413e75c3bcfe39d1a45db99c6ac3968db6c708667e30eb88879f9fd483331 A...

Malicious code in bitbot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12996eb5ffac4767e62d0de9652080c360a42cc716421449362f9443c0ec02f4 The package bitbot was found to contain malicious code. Source: ghsa-malware 8167eda858c69a7322383c658afb961cdead784baba89931b2a10c0856c4a0cc Any...

Malicious code in hw-app-eth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b26da97535a707e0e93acd8bc34d6e7ad13756f38c37d34b362a36d4dbdef24a The package hw-app-eth was found to contain malicious code. Source: ghsa-malware 2f92f05cefb6ff5250762470390af00c1d4ccaf51b04cf8f1c15ab1721573a3f Any...

Malicious code in anthropic-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49a0221a103a31cc2bf5e4f6c7d5fc7e0a8cbb2128d06aafe849e2c0df492fa8 The package anthropic-sdk was found to contain malicious code. Source: ghsa-malware fb69378ea2c4bf83cabc021e0e00f2cc8f87b8d9ddfd536f6e0285d10dbf4daf...

Malicious code in manage-root (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ade61c26597c5b0a24785713d87a304ddf30ae13dd50c69ba89e653ec4c2729 The package manage-root was found to contain malicious code. Source: ghsa-malware 6b0fc8397f56e86ac97a5adedd2c89de19045dffbdabbf982ffcf5944449b178 An...

Malicious code in recaptcha-cors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79037ac310e3ba605ade8d6657ea9fd4d8261583079397795e7afccbf432a4fd The package recaptcha-cors was found to contain malicious code. Source: ghsa-malware 4936a94d5d7ed5509cecba8ba4b13b5d37ff1f114318c83e868dc6e5627818be...

Malicious code in n8n-nodes-zl-vietts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2958734e09db17aba6589bb89622305f26fc83a16d475018b5ae88b694b9e4c The package n8n-nodes-zl-vietts was found to contain malicious code. Source: ghsa-malware...

Malicious code in blocks-builder-manifest-generator (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30f5efa34a1c44d974502110177cb7a60daf579349ed25937e66e342f7f7c24f The package blocks-builder-manifest-generator was found to contain malicious code. Source: ghsa-malware...

Malicious code in natateste (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 223884e033273ef49ab45ba4ac8c051419acbd5c7613c862e86fea2a817d5226 The package natateste was found to contain malicious code. Source: ghsa-malware b2bc57aed3208a3a97a2ed539e0782979641ab8312a75dcdb5056540c564d870 Any...

Malicious code in coolpackage2323 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 dfe85cdb01cd65f379803d150e3cd9142774bda4f802120401655f71b5b7a907 During installation and importing the module, the package silently downloads malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

Malicious code in mw-proto-models (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a365899ad5e810104ab4af3dee30bf4bb6ba242dfe2bac8a8b6dce2ce4940dd8 The package mw-proto-models was found to contain malicious code. Source: ghsa-malware 1e2b22967998e78acece8a85fd589aaf543b7744c652af4973aeb8b5b67391a...

Malicious code in excel-to-json-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c7026badcf8f0b9dc17b6d25ace35a5659488148496f385d17d4d3d31b036c9 The package excel-to-json-test was found to contain malicious code. Source: ghsa-malware...

Malicious code in pl-global-ec-uikit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 327cc69fee3f2500a3cf23d3c917935d3d7db124d0b7f3c136fead2f1d69f093 The package pl-global-ec-uikit was found to contain malicious code. Source: ghsa-malware...

Malicious code in gu-global-ec-uikit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af8b504bec83c372b24f21eb2b83e6a5ec1ceceef82ba4b57dc401e1ab44f9a4 The package gu-global-ec-uikit was found to contain malicious code. Source: ghsa-malware...

Malicious code in ofjaaah-build-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0f994ed6a23b4449a3ab09537485788c488a90e26c56c52d309b4704d8d2da9 The package ofjaaah-build-tools was found to contain malicious code. Source: ghsa-malware...

Malicious code in @brokenzzz/garfish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d357b148f23b1917c8d9b30afb0a067acdcdf988ca7b7f8a382726ba3e31b439 The package @brokenzzz/garfish was found to contain malicious code. Source: ghsa-malware...

Malicious code in viem-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73dca89de6152d63a64cab3a25d8444853cfdd2502260ea1d2b33f055d4adaec The package viem-js was found to contain malicious code. Source: ghsa-malware 7b2687f596cd8f76eec0d498e10a1f632b4ae06acd052210c214ee332feddb9d Any...

Malicious code in @daffadeveloper/signal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae0087b0a9b601b66eed90dbf41396601a483159b3e74933ad6ed63e6a06e3d1 The package @daffadeveloper/signal-node was found to contain malicious code. Source: ghsa-malware...

Malicious code in urlssser (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4a59189804dc7b527969a4ed7e4d95fac2b98812c309142270b27cdca47729be This package does not directly contain malicious code, but was uploaded as part of the malicious campaign and is used as a helper in further infection stages...

Malicious code in marshel (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d1b25f97e5a657b33bb26f2ccdfbdb55e459274a4cb3e19e38d3f04ba6ea3583 The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...

Malicious code in typedoc-plugin-fuel-variants (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6adc38777e8d247da805a1d508c3d27067be2a85dc25149b0d18453a67dcc18a The package typedoc-plugin-fuel-variants was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in eslint-plugin-fuel-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99675eb06a245907c7a2133cf7d75af3037229a059d0a135bf8c3d518432a6a4 The package eslint-plugin-fuel-react was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in @wbgo/shared (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdb329e935e8aeef2d3a86a6d85a8b57f76574d7e339b3d50c0504601b9e67e1 The package @wbgo/shared was found to contain malicious code. Source: ghsa-malware 98749f712baf86a5e8d0a6c22c6b6998a4decd916771550d27a31203104422f9 A...

Malicious code in bve-react-ui-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7129addcf662b66f1b9c3bccfef1b910ba7d7529205773a6ef69f5fcec9b9178 The package bve-react-ui-kit was found to contain malicious code. Source: ghsa-malware e12ba9c2363df47acb928246ccbbfedb85b5cbfb0f433286818034daf65dfd...

Malicious code in sd-conversation-history-module-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30c335176b96214a0cf97acfa97156cd4216c1aa6e764167f49cef0eaa89cc72 The package sd-conversation-history-module-client was found to contain malicious code. Source: ghsa-malware...

Malicious code in sky1oauth2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3ca06041cd5b933101c6474a9f6054fb9dff579cf44ead75a1d1f906af0d6de The package sky1oauth2 was found to contain malicious code...

Malicious code in s3-cache-handler (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2a516ba427a772d00c202a782f0c11f2217ddb8360626591dbbd72b68cc5a1b The package s3-cache-handler was found to contain malicious code...

Malicious code in @wb-team/uikit-myteam-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdf39991881d2a08d3aa421675b4c1a7b562a4b50c70e7d9c0f7bb54a0d8f0e4 The package @wb-team/uikit-myteam-web was found to contain malicious code. Source: ghsa-malware...

Malicious code in idel2-content (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c81387cec5e85e071f4ffa2a4791747c731e8f247b60c236fa2a4ff7c0e1858 The package idel2-content was found to contain malicious code. Source: ghsa-malware 878a0a64404d0cc18be1c02fa0a38a98513049bccb02e919e4d8ee3c632f004a...

Malicious code in hairest (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6a47476109391081ac326c65a5624df44ba19f7e2597aaeffa47552a053e9773 Package collects and exfiltrates Discord credentials from multiple sources --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

Malicious code in clipcord (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fca6ce37489de021bfea975a55751ad244552b7868a4e534f955d30a0efb1770 Package collects and exfiltrates Discord credentials from multiple sources --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

Malicious code in solana-program (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b7f4afe6d0bf016660b9bcd20e900d4d0504af8c3ac7f7dc69f20229ebcddb21 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in soupclaw (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d81f6899b3e1e16c0fd74656a7fb8cedfd711e9e68078d85ed95cdb10979e3d1 Package collects and exfiltrates Discord credentials from multiple sources --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

Malicious code in silvermine (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b977fbc50506142e7db68fc536bdfd96ccfa135ff0c03f3957d24b716cc4441 The package silvermine was found to contain malicious code. Source: ghsa-malware 194377d773e651f6f01c9662fac716fb338b55f83baafc1c503b692fe1195e5a Any...