225932 matches found
Malicious code in chat-prompt-logger (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f25a736985f5c0bb50156fdc7de61e976b16416f42c44a2682b5ce718401383b The package provides a logger of LLM prompts that at the same time looks for hidden instructions and executes them. --- Category: MALICIOUS - The campaign has...
Malicious code in wds-icons (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 827b1d3e49cfad3ca5aa4eeb1a7afedc234ed734e13948ba28b0e3b3b71180cc The package wds-icons was found to contain malicious code. Source: ghsa-malware 24d19b105cd9931a78806b2c2f9a30d8ef982b16e1ed4620c185a75dbbbf610d Any...
Malicious code in com.unity.sharp-zip-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cedde339d72e05699d5f33d7c16779f926f419baded72d7cd78d2610395cc807 The package com.unity.sharp-zip-lib was found to contain malicious code. Source: ghsa-malware...
Malicious code in liblynxtextra.so (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e0f3e98410431dc81bb4dab16130bd1e591d2f8cce684db9fb654132ce96e5fe The package liblynxtextra.so was found to contain malicious code. Source: ghsa-malware b505f2aa1ba3b64eb6dbe55e16172a887bc2b61007ef602d5bce8ce2d1ab28...
Malicious code in eslint-plugin-react-hooks-published (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 647dedd2c8ea8a9cef54b85666b74459095d17369da310d54a0c1960f87dafe6 The package eslint-plugin-react-hooks-published was found to contain malicious code. Source: ghsa-malware...
Malicious code in chain-selectors (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fb7c7965dde4649d4adda7307f395134f22ed654c9a20b2c7dc9ea1b0c1dad9 The package chain-selectors was found to contain malicious code. Source: ghsa-malware 5632dc92ff1221e72c077781c43c1482a1a40fd5c703f95dd209890a4aa7941...
Malicious code in vitest-environment-jsdom-patched (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e0d8ae07807d73026bd13988c3341aecf8375b53ae436d03f80110884c5d84e The package vitest-environment-jsdom-patched was found to contain malicious code. Source: ghsa-malware...
Malicious code in logguru (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 64b91d48504c05711a759a1cb2a0bfd63650f47d05d04296bbea6269ed4229b4 Malicious clone of a legitimate "loguru" package. There is added code to download and run an executable. Sandbox analysis reveals attempts to steal browsers da...
Malicious code in x402-legacy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e37b562070e10c7c2cf1ae07233d0e676a9c3808a2425407b709e9d03ab981f8 The package x402-legacy was found to contain malicious code. Source: ghsa-malware e93ea6b10273adfc3bd24ad98240fa9d023af96eb7a7c4a5a2073e881140808f An...
Malicious code in browser-client-neptune (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9ad0cf7ca8faf91e654dc6ceb89ca235f191edc099334e5d8cf1a070bfb128a The package browser-client-neptune was found to contain malicious code. Source: ghsa-malware...
Malicious code in accounts-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07acaccf5cae78ad4bfd5f967e15c5ba68180c1350310492a9065ca97124bf26 The package accounts-base was found to contain malicious code. Source: ghsa-malware cf76e57ba69c401756a0d9279f66fcd197667ce73a011c643099737d08dc306c...
Malicious code in discord-selfsbotsx (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b56aa48c0654abd06a9d624b8c1b5ab4ce170399068d97b994bb4d63635bf18a Once run, package downloads and installs an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in wartsila-application-json (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e0377e0cb41b793d9733d21ccf71ee44de194a8988cbbd874d88c3cb5e03cce The package wartsila-application-json was found to contain malicious code. Source: ghsa-malware...
Malicious code in chia-gaming-lobby-connection (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54adc68041a37b745f5dd254458f4a92981e5954641131ac846256b6d4ab7f6c The package chia-gaming-lobby-connection was found to contain malicious code. Source: ghsa-malware...
Malicious code in threading-helper (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 74a87b74245d0639ace987a197363e4396c334434721b81ce7d1c4d7010edb55 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in dev-server-python (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 77df2294feff074b86c685e622e69901b80eb16fdbf60eb785a026318d84788e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in gptall (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e68d6c72f5a98f22bc22ef0ad7aef178f253ba95ebac54ba881f95762d4805f4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in bitcoin-lib-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 480dbd7d7ec801a0212ee78ebb73268cd67ba4fb96b06ec563fbafe31aa10531 The package bitcoin-lib-js was found to contain malicious code. Source: ghsa-malware 95f79207062e8c5db317d3487c20f36927b99e9f0b9bfc2551c22a23d10c020f...
Malicious code in discordhelper-ecr (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 689b1c190dc23f0188a57cac218b8dd66c56ecb77478d9bdac584a8cd111bb9b Package exftrates discord credentials to a hardcoded location --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in rtcplogin (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2f986d2da01fbdba339f3d073a84dd5c57ba0aa19113574702160654f70f0620 Importing the module starts an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-mescouille...
Malicious code in tablates (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 56df7571e75ad7e85850f9a34bb482f19466af4481db56951ffba42475a4238d This package is malicious and typosquating the legitimate pyspellchecker library. This package will deploy a remote-access trojan that...
Malicious code in bitcoin-main-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4f6833ddd073b7c036ec32739e3cb826bd1eda9d3c350eed423548f64f047b2 The package bitcoin-main-lib was found to contain malicious code. Source: ghsa-malware 06ed1aa4aa61f36d953368c74cb3daf102b02842a6a27843021b499b033d71...
Malicious code in br2s-ui-componentlibrary_r2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be6786b979a9a6378e096381748fc3546c761e95cf2631585010ca066ad5ef19 The package br2s-ui-componentlibraryr2 was found to contain malicious code. Source: ghsa-malware...
Malicious code in hooktest2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 207bb5790445a690e4cbb75453026def57279287f88d6c54c7af956e3ba89e1c During installation, the package starts a code to retrieve and execute commands from Discord --- Category: MALICIOUS - The campaign has clearly malicious inten...
Malicious code in atlassian-praz (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 06798e3c48471c4e66160030618f78c51d71d2a7660c5545648cf7902b3eecd4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in atlassian-exp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 802483ac3ec3749092037040a0a50ed9fa329232a832ac15fd5a0c692c42a9fd Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in vite-dynachunk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a15f2c558d50bf310cbbe09daac2730fcfe1f196c0f0a2184d5adc74d0ec749 The package vite-dynachunk was found to contain malicious code. Source: ghsa-malware 9402a1a80c09793a69e3dc45fab9bf9fb963616e70b8e50d3f46bd65a678c8b4...
Malicious code in chai-jsons (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e738779b172365174b2a7765325ea0405726a7ce192ddd47025b964d5e134ec The package chai-jsons was found to contain malicious code. Source: ghsa-malware 84b31461976f0984f6a6828d87f0cda7b1e3323084608a91ca02bedcee04357b Any...
Malicious code in chai-auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e842da1fade3683b329217bfdfa620ad7b15d9dbec35065dd295c074b45bfd2 The package chai-auth was found to contain malicious code. Source: ghsa-malware 24555b314815073bff432dc1005d3e9420050160c237c77c47db6297c6837a05 Any...
Malicious code in org.mvnpm:posthog-node (Maven)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security ea90a5928d7667bed4fa9f6effbbe6c8d3ad6521ca51ca2b01551bc02373a7d2 This package was compromised by the Sha1-Hulud: The Second Coming NPM worm. The malicious payload steals tokens and credentials and...
Malicious code in ahmed_salem_t (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc278db8d9e1de9bc4e08bdc6bb126ee202e1f3035b69348d6f1ff66dd448e83 The package ahmedsalemt was found to contain malicious code. Source: ghsa-malware 2b2f4d2a3aa2f5b0a62127ad70f27d33c81f4d216a3fd4ff651f855cbb3b7f8e An...
Malicious code in @lokeswari-satyanarayanan/rn-zustand-expo-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73fe3bd99e2f11ab8bb09a9086c4dca8af56372031492ed11d90f1e32a0e8f53 The package @lokeswari-satyanarayanan/rn-zustand-expo-template was found to contain malicious code. Source: google-open-source-security...
Malicious code in rtcpstream (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 aa2920b4ae77a6e47bbf9ac8163f8d9a30d62966097d34989a36103a76178558 Importing the module starts an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-mescouille...
Malicious code in bip40 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 376d623eb0ffaacfbc6857b02083c7a1d37460c78579f88ddf63e6850cadc3e1 The package bip40 was found to contain malicious code. Source: ghsa-malware 39978dd4e71a01636f852725943d9488f7e1ba9f71fe9ca6a1f402a6c747fa34 Any...
Malicious code in hexcon (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 191af8110082a90345db609c8f23d2313a5be68ec121742172f32cf3a1d5d905 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
Malicious code in tableate (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 762292d92c617c287b3c6b54f7c4a8b8630e7dd893b40dd05bade462fec7ca26 This package is malicious and typosquating the legitimate pyspellchecker library. This package will deploy a remote-access trojan that...
Malicious code in xrpl-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fb3e61af99fea7b1567f2fa35f2558959e9c0c63f777bc5d37f6e48378ec31f The package xrpl-api was found to contain malicious code. Source: ghsa-malware 892f832257ae1ca9ec7f8ad76b11821b4808750298e4842ff44aa3459b54a125 Any...
Malicious code in mcp-polymarket (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c93eadc60da9cb188762b7190a7c6b48a5eaa9766f23d7515b944c05eb3f005 The package mcp-polymarket was found to contain malicious code. Source: ghsa-malware 41eb8c2fd8bee675d7893ba16ddd2f6fd03730818520e928c0320ed2a0306602...
Malicious code in rpc-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eca28ab1eabeac24c0ce55063ac151338d0255fcc2c8f74909566c8c3a3a8b1f The package rpc-validator was found to contain malicious code. Source: ghsa-malware 318ca2489ffa297599695ecb6b29c76c63bb61b59d5380b1092213774438e35d...
Malicious code in mayhem-wma (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d242ed0467287371909e2fef415c86d7688c77b9a33f6b43c52d37bfc2d7fa6e The package mayhem-wma was found to contain malicious code. Source: ghsa-malware 9f00d5cfad9006d0cb83e7249554304291a746a42a2191314e1b70990e854df5 Any...
Malicious code in initial-path (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9bdfbaf17e5ea42f67e6327f5dfe8766f8a5f8d83fb4b390fc8d780da5555187 The package initial-path was found to contain malicious code. Source: ghsa-malware 014c829694ccb06463ad706603727d070cbf38be1e103200b54c1235ccc82611 A...
Malicious code in react-svgs-helper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 081ba740ebfdae5dfc4f53bf53b7658227f6fc78a9c8866727d95d2467991f3e The package react-svgs-helper was found to contain malicious code. Source: ghsa-malware...
Malicious code in baidu-src-test3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b41154fc2678ab5be471f8ef4eb2065a74e9310ea81b5d3f3fd8617a1e880d67 The package baidu-src-test3 was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in baidu-src-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b70672e328a6c37f9f5a2f333c52648043af35a44d4a7c33fce30d4dde10869 The package baidu-src-test was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @vleo-dev/a11y-js-service (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf7b4a5742b82956cf1632de9f435f824ac60651023bec86e0f12d9689dc5b2c The package @vleo-dev/a11y-js-service was found to contain malicious code. Source: ghsa-malware...
Malicious code in @voiceflow/dependency-cruiser-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f310f0649a09ab3e8f8ca155d2067e1f39ad9ac40a987851fd0dd352ffc268fe The package @voiceflow/dependency-cruiser-config was found to contain malicious code. Source: ghsa-malware...
Malicious code in @voiceflow/general-types (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c740063a863675c6fd489289e04f7c96c9c59c62c1b38d81f7b89de3abc325b The package @voiceflow/general-types was found to contain malicious code. Source: ghsa-malware...
Malicious code in @voiceflow/circleci-config-sdk-orb-import (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93fddfa88f30512d04aa154c955befc6e560cd4a1600f731643caf20e799e5c8 The package @voiceflow/circleci-config-sdk-orb-import was found to contain malicious code. Source: google-open-source-security...
Malicious code in @voiceflow/google-dfes-types (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04a5078499c9ba131d593044169dbb0a8f814c085d73c4823872c41430f8fad2 The package @voiceflow/google-dfes-types was found to contain malicious code. Source: ghsa-malware...
Malicious code in @dev-blinq/ui-systems (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ce530512b608913637db50ce0058d08d5afb8173c8b5968023c9b9665bcde49 The package @dev-blinq/ui-systems was found to contain malicious code. Source: ghsa-malware...