Malicious code in @mesh-components/card (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c96d53100e05047008977d25b2800e9da6e1d83f42874dcf6be5ed4144d3d83 The package @mesh-components/card was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in @mesh-components/customthemeprovider (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20b2e29319a8cb96867858b20a43a684624167dc62c186de47de7e7e7e8c8a2a The package @mesh-components/customthemeprovider was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in @mesh-helpers/common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb7b29c037fd6e505ddbd1506f78292b2b69aef43c5750ef655bb27d5dd9986e The package @mesh-helpers/common was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in @modals/blockchain (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9883b4336552c287c2c3ed9bb5888cc22173cd8b39fd181552f858607f0ffa70 The package @modals/blockchain was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in @modals/layout (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2dd7a47296a1be165b33bf8cc140bf4b6b004025557cfb22a0b75c4ec8eea864 The package @modals/layout was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in aiolrucache (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8b847ab6789b3a3848d887f76adae74d05523dd4cb1a974372518679d27ed70e The package masquerades as a utility, but during import, code loads obfuscated modules with RAT- and spyware-like functionality, including: exfiltrating files,...

Malicious code in thisismytest (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a1c269bbb834081025da993697e3e2e44db4a97e16e21f4c792ed85391772fa9 During installation, the package downloads and runs a remote executable, which is identified as a backdoor. It connects with a remote server and executes basic...

Malicious code in qyrm-pipinject4 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9a21af6fd1f0c3069036b62cd769efe0cd35077f9141b1454397e44561c73461 During installation, the package starts a reverse shell. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

Malicious code in lingewindows (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1764671c9ae79c37db80b846d9e8efe94714732160dda25659a8e96f7dadb39d The package lingewindows was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in address-autocompletetest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b797224d264945b820a632a44fdf26c3baa54e8f1b5f6fe3db4a1739ee726f58 The package address-autocompletetest was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in nump (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 daf533091c2cd6d2ae82e47f2ba9264b23395105f9c088018560c13cea33801f Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

Malicious code in characterai-poc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 376ab6840d12bf4d2b6ff51f365071cdefb5fae185ba150f7a8db8b70b925155 The package characterai-poc was found to contain malicious code. Source: ghsa-malware e45663d55a0e072d7245ee8cf3a8557710aef6e643c135b20a0918aa96d2da9...

Malicious code in cms-catalogue (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d08a53064a76469a8b5ab4afdb3aa2907127f26f98ac8255e3ae650f8ce5d1ba The package cms-catalogue was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in yelp-react-component-badge (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abec06c903f4139ed298b19b96521401231e6bd0cc306e5e7015d971d5a4260a The package yelp-react-component-badge was found to contain malicious code. Source: ghsa-malware...

Malicious code in repo-typescript-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c009aa720ff70075b05dfa732a4d21fb40241c526d6615825dea97202843b252 The package repo-typescript-config was found to contain malicious code. Source: ghsa-malware...

Malicious code in nintendoamerica-ncom (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bd460f8f84945495991b78c3eaf7d639b5b9be34dbe78af64373c222e8cd245 The package nintendoamerica-ncom was found to contain malicious code. Source: ghsa-malware...

Malicious code in uniswap-info (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4b0c2ab6814aa67c139dffb11add8c0013caa86df1cffd6c9e1c0de09bd395c The package uniswap-info was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in mangrove-sdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d6714958f20775c2347e9c8b606d1de2e28ed29fe4b1a82261ca4fb966fc20fa During installation, package attempts to modify LLM configuration files to provide a backdoor instruction for further control over an AI agent. --- Category:...

Malicious code in efghr-honeybee-sdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e77e2d0088390e5dc421f70a65ade331bfbf554afcc9cc42362098d0ed130692 During installation, package attempts to modify LLM configuration files to provide a backdoor instruction for further control over an AI agent. --- Category:...

Malicious code in flyio-token-client-efgh (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2b09830263d8a35450ca657294a1725c441f2f7fe49cc7946e261e8f18401464 During installation, package attempts to modify LLM configuration files to provide a backdoor instruction for further control over an AI agent. --- Category:...

Malicious code in shakti-strings (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f2263a09a764a00c111f0baad35ef067d15ac1baaf92efd30cf27d86a4adc66 The package shakti-strings was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in nflx-cmisc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 871d12cd83665d57f07a3b718ffef817f52b1baa68cc2ddc00d4ea1e010fc1f7 The package nflx-cmisc was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in laserlogsink (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3028499625bf1c6a218f2332e6cecfd2af12b14859ce0411350e5ae84670a067 The package laserlogsink was found to contain malicious code. Source: ghsa-malware 474d1b0019630f528f0f4bbed72d636f649257ffca929db3211799fe870a13cb A...

Malicious code in tui-ascii-art (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4358458e150317ab394c6dd2d0137a8c395a32bae309cc1bfd829f123dab1393 These packages are used as build dependencies of malicious packages in newer waves of the campaign 2026-02-urllib-slim. They are used to split the malicious...

Malicious code in indpack (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 85f1ca1d5abdcf2139039fc5e8a08068a8c2cacca8a31fed38fbde74f7b8c04d These packages are used as build dependencies of malicious packages in newer waves of the campaign 2026-02-urllib-slim. They are used to split the malicious...

Malicious code in reqpack (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2b2e7d451cecf418103df6ecbe4625c5b08cc561e843e00f4ec37efde665c320 These packages are used as build dependencies of malicious packages in newer waves of the campaign 2026-02-urllib-slim. They are used to split the malicious...

Malicious code in gcpipwrap (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 af8d2f3dec668a16adf691aa26e16be82e62c2cdf993da1f4ff4afaceac30e92 These packages are used as build dependencies of malicious packages in newer waves of the campaign 2026-02-urllib-slim. They are used to split the malicious...

Malicious code in nspack (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7741f090145e1e4bbd7998edba9c8151bd5dd3380adaa430e8f05cb2c814396f These packages are used as build dependencies of malicious packages in newer waves of the campaign 2026-02-urllib-slim. They are used to split the malicious...

Malicious code in cfgmgr-sync (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e3f72f18351a20c172ef8154055917c9e977fe782b32a4716faed582d67f3071 The code exfiltrates content copied to clipboard content to a hardcoded location. The code is obfuscated and has a persistence mechanism. --- Category: MALICIO...

Malicious code in cfgmgr-syn (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ea20f8a566abc23f4b1d13543234fad04a3f791af173dd3dd3024bd93c3308c9 The code exfiltrates content copied to clipboard content to a hardcoded location. The code is obfuscated and has a persistence mechanism. --- Category: MALICIO...

Malicious code in delphoi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72f68bb459a4772a75900ddec7e0a918b514f2211a2303aa80ef82252078e3b6 The package delphoi was found to contain malicious code. Source: ossf-package-analysis c15c8182b6e392861478887a08b04eb8fecc38b70000313dfaf1cad8ac8bc8...

Malicious code in bic-seo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88b87b18acc3a062d6a79eb7fd959cbbfea586694cf6d918aac1ddacaa062518 The package bic-seo was found to contain malicious code. Source: ossf-package-analysis 7eeaff4f3318ed34f500a278b37ae6e39604797f0de8643056247dc4ab1ebc...

Malicious code in puzzle-gateway (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f27caad6b59388e38056a6d8624f8f7b19441cee52bd007d0e1b3678e36dd240 The package puzzle-gateway was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in ty-web-session (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 15f6d0a640d7d4323f1ef52969a6a259b9b6e3bacc2bf65f514cd618a00945a9 The package ty-web-session was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in init2winit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7eb9b716534151a8d16432102f52af1e6f61f9701b86efba4294cdc0e18ceaea Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in airio (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d6edae69303a2c992df68a1743104255c7de6aa8beba5f7b37eb9b91707789d9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in nsscache (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f799f92bcb0f24e47655a4a38d97a8981bad8f31f28f7d82a5378ae8aa0f1c74 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in spatialmedia (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a092215ab076cff12b7606adbc678a0340701124b7e10d747c6b8aca8d5fed7e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in pubsub2inbox (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bf686448f618fa764676453e2c0b7436f7c50c2043cc2734d2fcc142fb86f951 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in perfkitbenchmarker (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0983513b915ec02c736c073b1af861f5ff6b1e62bf2074b42a33e8d5fa16bb46 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in composer-dev (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7be3393e5cd932abe1668adaa58f526e25b1a6ab2ef4945eadeb60e68493c7ef Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in dataflux-pytorch (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 486e56ad4de2a59b9c8890d854505075b556ca6920be97f850a14c7d648f7f3b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in mcp-transport-proto (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a40306e4035df29c739d5073ccb341685275d5cebba588b7014898229752e11f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in cloud-datasets (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7cbbef34e9c8a9e6db79ffb59dde86dafe9734166f201aae8a5d1837ac262fc0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in azure-eventhub-checkpointstoretable (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e41a629242e28270fbee568718ddef63da1e359ad5a5a1401ed85c48ef870d73 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in uipathisfun (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4128340804464a33ae1b20bb39d652bf1c658b63490cd97d45df609dabfd8f3f The package uipathisfun was found to contain malicious code. Source: ghsa-malware 5056a460c4d2ea98b9bc0090e9f7e81637ed9860f3b4befb1e8ab11df2248c73 An...

Malicious code in chai-as-chayn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37e4fe08f70ebcaf1ebc9988e7ad2694a3b9708734e8623adcf930d1803bb72a The package chai-as-chayn was found to contain malicious code. Source: ghsa-malware 57e4b17532a62987684bdd644c433a1aa7c4955324bb06eb3c6f7ed702fa0ed3...

Malicious code in innocent-pkg (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a43dfe9cc2eebd7f30e81c4d84f86e0375a8f68621f3dd52156c93a9062e67c7 The package innocent-pkg was found to contain malicious code. Source: ghsa-malware e6e3d2128a98a7bfca4b4ef2d91cc684dad0a7386877a5673ecb0911489bbd7a A...

Malicious code in @fr3newera/baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fba6d334ab723d77261982b048c8728dfdd60454bac47a0c23322ac7251e4c8 The package @fr3newera/baileys was found to contain malicious code. Source: ghsa-malware...

Malicious code in xyzttt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5bf8be86e9fbf67b0bd783470b31f222a90f7723388dac7deb1b168e658cf45e The package xyzttt was found to contain malicious code. Source: ghsa-malware f9a2092cb0041e877889c537a1e182d10e0fd642e2bcdb26daa6e8e8a2f7077a Any...