225920 matches found
Malicious code in turbo-leven (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0903aeeee8de9f8d0b7bae616fb57ef1468d676ff1f319791b54a4c658211b4 The package turbo-leven was found to contain malicious code. Source: ghsa-malware 6a89f53d914eeb23f58756ee338b08701d799e346d6901d2f374bb51e736b2ef An...
Malicious code in @kjma/mailcraft (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69f8916db8f38815341618cd61534b177ef9984ab2dd5774e445bb072fcf10c6 The package @kjma/mailcraft was found to contain malicious code. Source: ghsa-malware 5e4802b882a28ccb6e1c4c9bf610c05c4a2a023d7018fb66c0ac46623b8560d...
Malicious code in chandan-module-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9b92ee71a8547073a6d21685e6190b1769e93db8cbf2be1a57e7e14e8d0d075 The package chandan-module-test was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in pa-marked-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa7ec58688a86a684649482df31ee2d5ded2b22d648049ab9a2d6ba93bb912b0 The package pa-marked-internal was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in rblx-studio-api (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0984290664d514183109c836bea6a2bda03e33f89563accc6c79a51e281688f8 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in react-spa-shadcn (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b0a6436d822911c9ab59cb73cdf9c25c0dfa562feb406fcfa450ad964418f89 The package react-spa-shadcn was found to contain malicious code. Source: ghsa-malware da9de249511ac32f8d560921d4da27724c126e29260a8fb7c4acb1da70c6b7...
Malicious code in robase-setup (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3fcd831a04f3c23efde7a365717e715cec5c6fb5211d26e5d76ace539abb06bc During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in pa-marked (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e01d64e50dea2a8be10707dbd49869a6bcea570bf26829a1738ca2237882249 The package pa-marked was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in rtms-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c18da37bf0615d0c7dceb6be7eb89956f39de56bbc90f65d9398fbfb3f9455dc The package rtms-manager was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in vinext-monorepo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5c7279d5c84c989a0deef7944c5d1d22b89651bdc01da8fc5144622a8fc74cb The package vinext-monorepo was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in sy-editor-v3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5cbd7c2056a09f76b9e73fbd0dae4370df9df455077146ae85b6b985b0394d4f The package sy-editor-v3 was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in mylib-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8cc746751844570c4d9de0acc1fc4aba45c1316434c664fc70711749720f88f1 During import, a remote executable is automatically started. During analysis, the executable only showed a basic message. It's likely experimenting with...
Malicious code in rblx-api (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 be690c2f32ad941003f8733406643848380c3918af421fa56c8ec0802b9c261d During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in @shoobx/types (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89c007db99335df1e518ef5f3fc4acc2c7d18c0ca6ba9496a93c6cd688e6ffb3 The package @shoobx/types was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @source-row/source-container (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ef1f8f064936d70cf38ce81e5a991bd0514ea059213b17683bf77edfb8cba45b The package @source-row/source-container was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @ataslkit/profilecard (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8efe1bf5f3d6ed3259b1ef3d48d73c3fd6368a50097725968869b551e73f828a The package @ataslkit/profilecard was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in react-resource-router-next (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74666c1336dafeaefaa96b6bf71ae8a216aa4eaded1151bbd390c0cb913d1697 The package react-resource-router-next was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in stringhelp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 614fb208fe0dce0e336281a07696b97a699937b1cb5d6167e6d126e8693b7ae6 The package exfiltrates Discord tokens to a hardcoded location. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaig...
Malicious code in cktool.core.internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95da3751f8d8f63d46e480fc465291ffa814ac0294663c1d3d62d6b4b40df73c The package cktool.core.internal was found to contain malicious code. Source: ghsa-malware...
Malicious code in cktool.config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d17768ef72268e4f3e826458378ed35d149b66eee4e8ba9011ac3a56703d34a4 The package cktool.config was found to contain malicious code. Source: ghsa-malware 7ab5059fb326d298c03d52ca07411ad4f38ed446293bd6206c87b11b6c78aa13...
Malicious code in cktool.api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b28b7eb696757e668aa67a3d187943f553dce7298e27f7b47cb90022034ac9ba The package cktool.api was found to contain malicious code. Source: ghsa-malware d228f217a2a065caaf43db67d6cc7dc3c842a2bc821523c33e11456a1a7c0d4e Any...
Malicious code in cktool.internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d35ec7e83cb03e16d3d408e617ad1c8a72dae84f6b8655f5439b1e5465e47fc The package cktool.internal was found to contain malicious code. Source: ghsa-malware fea6b6dafa01114874236a50b5923473307ac91ce0b6c562d3ccb2fa27e6af4...
Malicious code in apple-idms-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f0eeec23623c0969b1edd5df79a1b592d22f6c05b5c91442114efd08ce173be The package apple-idms-internal was found to contain malicious code. Source: ghsa-malware...
Malicious code in apple-cloudkit-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cfcd7e5376478b86db5942e2492ae0763bad14dda004c55988edf420f5e62ce The package apple-cloudkit-internal was found to contain malicious code. Source: ghsa-malware...
Malicious code in react-hook-form (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17ae372e5061ef357237d48a7812ca65bbc3a49b8a57153df5812d17e9d8eeaa The package react-hook-form was found to contain malicious code. Source: ghsa-malware 5aa9ba7a4ea0b89453bdd073b8ffb80b6e3baab6684d5652a1e898c2bacb5a6...
Malicious code in ac-sasskit-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c88124eb460a9e33e146185720f25d78918a3b360c1e41d55889b0b392f7ef5f The package ac-sasskit-internal was found to contain malicious code. Source: ghsa-malware...
Malicious code in material-ui-plugin-cache-endpoint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45efd49ad74d002b46224881218cf53c763e58c0b71ed3d3ff3a79d1021f3a64 The package material-ui-plugin-cache-endpoint was found to contain malicious code. Source: ghsa-malware...
Malicious code in aet-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cf718588332bb7bfa01fcad3d6c7ece7d3a2e075b036201a74c38bcab78c17e9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in @indriver-poc/whisperwind (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7543a4315d192afe241577899d5777567678b591c400103ba3da0dc46f1b1d55 The package @indriver-poc/whisperwind was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in value-slider (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abf877173b9292185a66f77e03a35a1964c716f9cc053cd68cfd66fa005843fa The package value-slider was found to contain malicious code. Source: ghsa-malware cf716f2e826f45d1313d19d4691315d634d3199be557367c4346af4481aec65c A...
Malicious code in @than-xs/libsignal-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c613873d188e4ec1b5e30520478eb5e162c8f2b10cad3dd50e0973d9ca925034 The package @than-xs/libsignal-node was found to contain malicious code. Source: ghsa-malware...
Malicious code in @than1st/baileys (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33e5a745025283eafbcdaca42eabb928085deea39d64a048431086a73651cbb3 The package @than1st/baileys was found to contain malicious code. Source: ghsa-malware b279f3956e0591d27684f8ad6e1464cb4d3901ef0d1c977ef8ea6ec3f53a71...
Malicious code in shan-lib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f30fc6910fe03c53a74048a95f90fcd38db1b5317f3a3401ceb1bb9ea24fc704 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in eslint-plugin-totara (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96447eb1f41df9da2d8e298530e25265374244a3e23279006ca447a8a5b0c0bd The package eslint-plugin-totara was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in node-red-contrib-yolo-object-detection (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f37c68b0e146f969ed875753302026894ce41d379d736a1856b9e12a8c1a4479 The package node-red-contrib-yolo-object-detection was found to contain malicious code. Source: ghsa-malware...
Malicious code in shan-lib-poc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f6c2f4a0560b1811eba11c9fd304f7441ab7e04f4e569e01bdfe06aba6722edb Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in lixxyly (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e3c0a4fef6764ec743cc96d88d10dbc9a33197300a3b916746ab5f5391ad6e96 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...
Malicious code in shelipp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c745f1c7897e6075520af7c8d838b496c8af8814810ba86dafd64d09b3d24b97 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...
Malicious code in looopiw (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9d2af7de30ed37363dcd3ac8e41e0ff2987d97ec742dd973a2f95158c6f0f185 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...
Malicious code in sher-server-tool (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e83ee8187475c07ed6ea406a698e3f9d3c55efec8e689ba0c110a6ee2ce1012b Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...
Malicious code in sher-net (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f87dc8302df47889be1acee83b535b423d7f04e597ed61cca62dc2727f4d5d46 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...
Malicious code in koa-v3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5868e3008cddae6f0d4f1594e5f22c25d905ca6e32b915c4b527ad2ed77cce7f The package koa-v3 was found to contain malicious code. Source: ghsa-malware 16ed2d5a3189595a73eb117e70d2a31ba6ed920704a2917c7f83aacb8b5f42d1 Any...
Malicious code in solanakit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3e8770458eab636335241e359b6cee149cc00640fb2418b4462c89ec88accc93 During import, the code downloads and starts a malicious package hosted on GitHub. It then first ensures persistency e.g., through the autostart registry key...
Malicious code in procoder (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f2e6ce1118208c6647ef6e3c175235b92ee242cf0cc068281c4ae630da662c7b Package exploits dependency confusion. A beacon request is used to report usage back, but no additional information are exfiltrated. --- Category:...
Malicious code in azure-ai-agentserver-githubcopilot (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5302d683e413611c8a5f1bcfb18c19e34353a50c1d4450546b284197bab5a6f7 Package exploits dependency confusion. A beacon request is used to report usage back, but no additional information are exfiltrated. --- Category:...
Malicious code in ixosrestinterface (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e2fe4fe4fa9a0b286aec54345ba951ff46306f88ef7f106fa1bd2496e34c7898 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in keystackutilities (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4b76e011fdc2ff62186e932ab958f9daf671bcc8e727dcaed74441489b229468 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in loadcoremwassistant (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 20499474b0d0eb5a02bdd34aba8dbd438993b87506fb7a9bd88a62a729736221 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in restasv3 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8b1f1a7427290168b0acaa2bd682cb33a9d3384eb9f0ea95d2bbd295152bfff7 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in express-security-policy (npm)
Package is malicious. It exfiltrates user/host info to a remote server with obfuscation, delayed execution, and error suppression via preinstall script. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...