225917 matches found
Malicious code in @clearpool/streaming (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector febaceb862fd80f68bdcefbbed2667f056ba0b09cc0607d92962dd0d1c2a8b5d The package @clearpool/streaming was found to contain malicious code. Source: ghsa-malware...
Malicious code in @clearpool/table (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79bdf65c3193663ec05f4281e94765c2106a6a5ce8bd9860a4cfcbaab419f0c9 The package @clearpool/table was found to contain malicious code. Source: ghsa-malware 34f072d9880102a7b4495043aa1155a43587246ae13f1974b107df2bbe4760...
Malicious code in @clearpool/comms (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f79c0a598ffe54e6eba22b90afd0c9bbb902c3086178c2ea2a9227e002e399d The package @clearpool/comms was found to contain malicious code. Source: ghsa-malware aac3d8fce06f495311a581ee9a8f6acf42b7ea35162b9a3387ad6040adfef4...
Malicious code in @clearpool/utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81591bb660ad3ae2036615d00a3ff6960ccd2f36789a4f0df65a53ea7a557336 package.json declares preinstall and install lifecycle hooks that collect installer-identifying data whoami, hostname, pwd, $npmpackagename,...
Malicious code in classlink (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2915556b569ee5a4e890ea4178a61836ed8799f93a30fb0ac5e30cc37a41ede The package classlink was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in robase-fast-install (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 eb36bd6222d998fae305e6200dff6413fec375765d7b81876e8041b72101c7ef During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in robase-gui-api (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6c53f61007a9e23f2c47112de5225aa8e364f5aeb45c99d22084d6fb08b2179e During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in robase-gui (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ffbeda05758af4fb3c32de434df674102718336d499124f08b158271e4a08f7e During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in frank-bot-gogle-cloning (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44bf385867bdd18d9634c115e9e423146f198038e6fdb1d6dca9c95743f3af4b The package frank-bot-gogle-cloning was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in swisscom-ai-research-keyphrase (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e11009ce6f39424ab9bbe1470888a9f5be4f1252dab4c82a03d684d372eb7cc9 Package exploits dependency confusion. A beacon request is used to report usage back, but no additional information are exfiltrated. --- Category:...
Malicious code in @ozon-complt/antibot-handler (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d2b2c8d66cf69cda5e16765e70a8c3615ecfc57baa6a283228bab60dcc337dc The package @ozon-complt/antibot-handler was found to contain malicious code. Source: ghsa-malware...
Malicious code in @tw-marionette/clipboard (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9309f16e4a8a15191279d206290e2ab8f8dfa9daeae0df7b92c09bc9a1d726e4 The package @tw-marionette/clipboard was found to contain malicious code. Source: ghsa-malware...
Malicious code in @ozon-complt/split (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77c1f495268eb36a5d6c7f43e110ffb8cb58953bce375fdb4e6feb02818b3ce0 The package @ozon-complt/split was found to contain malicious code. Source: ghsa-malware...
Malicious code in quicktestybesty (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 459aa54bf8ac82101b14d4f85d01dde304aa638276b69a76254ff080ea52d5af During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in quicksolving (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 334524bfbf6438acc5016e76054740cdb532bdd9921695cbcc1852c568226708 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in rosolver (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0904af239ce7e030d9cde78de066412fb3942a4b12ea8be5c5d45681417230fc During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in pycolorlib001 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d13044c47d5f0b928df9bb3c300bbb520cef7df9cc929b859e7f2edd67d8221f During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in robase-library-quick-install (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3655afd9220b8d5df96a51d63e383fd4face5be5f31a2da02bcaf379d6625c6b During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in @apple-pay-trust/merchant-session (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 923c69f651ada0a2a6e4033304213ed069036ecf60291ba062fff36b1253d48f The package @apple-pay-trust/merchant-session was found to contain malicious code. Source: ghsa-malware...
Malicious code in @google-pay-trust/cancelled (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b7b08b4a3e94724e2b15686c111c5633ab73daf6f54dbcc7b758b91cfa3797a The package @google-pay-trust/cancelled was found to contain malicious code. Source: ghsa-malware...
Malicious code in @google-pay-trust/authorize-payment (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34948be5ad2a3e52a1e1c577dafd82b6711762743bfd51bfd6433e7a780f7e36 The package @google-pay-trust/authorize-payment was found to contain malicious code. Source: ghsa-malware...
Malicious code in @apple-pay-trust/start (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92fc55ea349311a75b2010e08e3c5bc6ad5498bf7f0ed78d942231a42ca46f8d The package @apple-pay-trust/start was found to contain malicious code. Source: ghsa-malware...
Malicious code in @google-pay-trust/init-google-pay (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 155365fdfef6534b365ca7ef2fd9ec698aa3a0af9e1130483658eba525f70e81 The package @google-pay-trust/init-google-pay was found to contain malicious code. Source: ghsa-malware...
Malicious code in @google-pay-trust/finish (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fd69ccad4854f078fe0d815a4f14a1b8ef69fd62704fbf4be49710a2c3926b2 The package @google-pay-trust/finish was found to contain malicious code. Source: ghsa-malware...
Malicious code in @apple-pay-trust/validate-merchant (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04e899c9f267696289778cbf0c2c4f8da289e47bb3bce95ffa4fa4e3fe290722 The package @apple-pay-trust/validate-merchant was found to contain malicious code. Source: ghsa-malware...
Malicious code in apollo-vertex (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea184ad5469def11090bb56f964419126c2f809ebce868fae9f5f88e0a641ccf The package apollo-vertex was found to contain malicious code. Source: ghsa-malware 8569a9d8f7822b4c1ca08fbd1d1860baca28935523892e344f2839845485541c...
Malicious code in apollo-landing (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47cb6abcb11f6d62fb52ef331d93bf4c2d5faacb9a4f91386aa6fb06e03b7bef The package apollo-landing was found to contain malicious code. Source: ghsa-malware ed937449ad5ded3d0430063ec8da96faa5c685d89f612418710856e92d1b6438...
Malicious code in process-app-task (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e9459ef3208e8a07fbb99a80ce6bc5f0a6b9c6511da51241bac7c034632b7e1 The package process-app-task was found to contain malicious code. Source: ghsa-malware e03db779eee12801bb79b31d14cb5519f499b54a039c4428b125a23c26a652...
Malicious code in @tw-models/storage (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1acb608389781c19ee33b5aa795b18367eab2569c00bce5ca9292db0b08f9594 The package @tw-models/storage was found to contain malicious code. Source: ghsa-malware...
Malicious code in @tw-marionette/input (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6b93bf39d5351c220722a3326600c9855309a8e76cb6e10b8cff20f0d9bb102 The package @tw-marionette/input was found to contain malicious code. Source: ghsa-malware...
Malicious code in @tw-utils/static (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8060c32aabe89eb22a82291f64a25a65a01040bd6aa838ea676e7f500a25f70d The package @tw-utils/static was found to contain malicious code. Source: ghsa-malware 60a80ead8b8afa898624fa960ac7edaf112ac7b55a89001fc4c066971c2c4c...
Malicious code in standalone-apps (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22e6c4c826820874f1cb33ef8066313b4714652d4e70a69a343595a62f57e038 The package standalone-apps was found to contain malicious code. Source: ghsa-malware 16f035cde2e3e7ff7907dcbc9f16e05fca1c373ea51adbd2d5a2b484532ec88...
Malicious code in uipath-ui-widgets (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa9d3ca9b9ac28cb9fe47c84a695d8905ac59aacc352dfe23dfe6bf85464c481 The package uipath-ui-widgets was found to contain malicious code. Source: ghsa-malware...
Malicious code in kl-b2c-ui-kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e32dd1450d1b5670388a4fbf71a7189cff326aa1c7734ee6ea1c89614438c516 The package kl-b2c-ui-kit was found to contain malicious code. Source: ghsa-malware c42673f7cabe65ad288149a7f75426fea7054327c8f73ac59d07e6b60a64b3db...
Malicious code in ort-moe (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b07b0d9d87f411b1c481f50084190fdde34edfeb1c9b10368a23abba0ccbcbdc During import, package collects basic information about the system, performs deep fingerprinting, and reports the data to the remote target. The package...
Malicious code in promptflow-runtime (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5b42466489944454bbab304af3aa9869e3f0483cafc76b4da896f6512bb4c627 During import, package collects basic information about the system, performs deep fingerprinting, and reports the data to the remote target. The package...
Malicious code in @sbt_gitverse/analytics-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2858d6765b337bc72b69faaa1a64e528931e8230756aa8a1d5ab4e58793357a The package @sbtgitverse/analytics-client was found to contain malicious code. Source: ghsa-malware...
Malicious code in tether-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3a15feaa501454125206345e0e802667759555738db7b1a1ee9ad5dc6b0098a The package tether-base was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in axis-ui-generator (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 898e7e6953d0a1f5efd906c36d9a6c798f0dce58017ac54df6e1b09bd26dd6d1 The package axis-ui-generator was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in axis-abc-search-address (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12745094744214b57071e8ace8ee7d5ee3f9be6e7d29d338bb4bbd01842f2705 The package axis-abc-search-address was found to contain malicious code. Source: ghsa-malware...
Malicious code in axis-abc-portal-menu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 84dbd03fbc7970d1f3fc987743f698a9ea6a0af44ea2b89d0f2c1cbaa397f933 The package axis-abc-portal-menu was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in axis-abc-search-account (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 940253e64eab64d76178b547ceb87731aad0dbba1ca1f988571af776564c891b The package axis-abc-search-account was found to contain malicious code. Source: ghsa-malware...
Malicious code in axis-notification (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 341ed22195f4a5533e72c654980bb1eecb5d0fb91c70a5132ca728978d68de54 The package axis-notification was found to contain malicious code. Source: ghsa-malware...
Malicious code in axis-charts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2948113b9e8ba2a0eaf9f07de49e63efdcdb91450acb69c6e5c9da9e2f982eb The package axis-charts was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in js-component-explorer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42b874b4949845eda88ec207be1ff9bedde0eb14b4f8cc12b4f46fd32bd32391 The package js-component-explorer was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @tochka-ui/foundation (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9575f5fa03036022a473218e67ec437c95aa1e3c0768e1006762695c772705c8 The package @tochka-ui/foundation was found to contain malicious code. Source: ghsa-malware...
Malicious code in elementary-data (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 96dc65f67f54411d3de6b23a33a8f73665e2703d7261b7f1720cdc089c528eea Versions 0.23.3 were compromised. A threat actor exploited a vulnerability in the CI workflows to inject code and establish, likely, a reverse shell in the CI...
Malicious code in @frengki0707/google-cloud-clone (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a278202a1e4a54c185b707e1eeed0b0df0438168bcec4a2a5b5741bcbd8a5e5c The package @frengki0707/google-cloud-clone was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @alfa.life.mapp/app.web (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d31f4eb43fd465a585f96a6ae24d86885dcb21e0645e446d9831edce30250a9e The package @alfa.life.mapp/app.web was found to contain malicious code. Source: ghsa-malware...
Malicious code in swampo (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7b8e193e75e6ca7d387f21b53c251e6ee8791d9ec4ca3f37099e765415d36157 Multi-stage dropper. The "analytics" functionality fetches fake updates information that should contain the next URL. From it, a yet another URL is downloaded,...