Malicious code in meta-internal-logger-drzak (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1483f98fd78866cc6a27d31d99659bbb2912ec70d8771a004837f6fa46661a78 The package meta-internal-logger-drzak was found to contain malicious code. Source: ghsa-malware...

Malicious code in whatsapp-core-auth-drzak (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5f0056922bde61f17500081c40e73bd86df9a2ec7688a11853a071aa3b4c6d8 The package whatsapp-core-auth-drzak was found to contain malicious code. Source: ghsa-malware...

Malicious code in dell-fusion-core-drzak (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d5d156081b9f33279287f433edff50b49a63fa67e0da031c374075fde1cc24f The package dell-fusion-core-drzak was found to contain malicious code. Source: ghsa-malware...

Malicious code in dell-internal-auth-drzak (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbfacc6ee81634bba390c5b27b3d5257f8b0d2148e93978085136c337d158ab6 The package dell-internal-auth-drzak was found to contain malicious code. Source: ghsa-malware...

Malicious code in fusion-internal-common-drzak (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a185377a78b169ac6bc30d82d4ba1031a1a2b7024e15a17ae5a2df8bc8fefc2 The package fusion-internal-common-drzak was found to contain malicious code. Source: ghsa-malware...

Malicious code in tradepmr-api-utils-drzak (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed879324b5de23922f365eaef686660dd2a42745f101998d954eda9c03449b1b The package tradepmr-api-utils-drzak was found to contain malicious code. Source: ghsa-malware...

Malicious code in tradepmr-fusion-core-drzak (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c349b8764d0420102fac6617d31810af64e670f6939bed61097a46458ab41c4 The package tradepmr-fusion-core-drzak was found to contain malicious code. Source: ghsa-malware...

Malicious code in whatsapp-fastdesk-utils-drzak (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfe29253f5fa322c274903f6ae99d6746f274c0a17b2656150fb925da0ec74b8 The package whatsapp-fastdesk-utils-drzak was found to contain malicious code. Source: ghsa-malware...

Malicious code in dell-emc-internal-api-drzak (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79b1c68a3106c50c73d1ede904d8c6fe7b41466a0e619e50c0935a7988293740 The package dell-emc-internal-api-drzak was found to contain malicious code. Source: ghsa-malware...

Malicious code in @immuta/flag-providers-web (npm)

Malicious package due to data exfiltration, command execution, and suspicious install scripts. Gathers system info and sends it to a remote server. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 041967637fd096ee4ba0091769b628c2c7da4bd4a60f38a6b4e3ba5cea9cf788 T...

Malicious code in tachyon-spade-reporter (npm)

The package exfiltrates system data to remote server --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80ad134ce018cc5d3d53f7bcb89de68046aacd2438d13bd6fb93875be5380223 The package tachyon-spade-reporter was found to contain malicious code. Source: ghsa-malware...

Malicious code in tahoe-tap (npm)

Malicious package detected. Executes code during installation via preinstall script in package.json and has only one version published. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector deec4b3e879632ae9819b52e88ae689725b1af688aecd541e498d2bac084f848 The package...

Malicious code in tourney-sdk-react (npm)

The package exfiltrates system data to remote server --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c5364bf5b440c1fcec66cbe29b7243db3661868744f68aebeb5f8b99619d950 The package tourney-sdk-react was found to contain malicious code. Source: ghsa-malware...

Malicious code in twitch-twilight-intl (npm)

The package exfiltrates system data to remote server --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01efff3eeb27457695f8dc2651f9944b72ee21d46a4579f33d0078e509887101 The package twitch-twilight-intl was found to contain malicious code. Source: ghsa-malware...

Malicious code in conductor-managed-airflow-environment (npm)

The package exfiltrates system data to remote server. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5f29800aadc2ebe943dd6adcc062837b02d670ffa617e03508fa7d6c7366494 The package conductor-managed-airflow-environment was found to contain malicious code. Source:...

Malicious code in @lux2/ssr-catalogue-sfcc (npm)

Package collects system info, exfiltrates data to a suspicious IP, executes shell commands, and uses pre/postinstall scripts. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b625e0932d70166d526fb8fa4993c8c448699203e795ad308cfe52cd784b28ff The package...

Malicious code in @immuta/feature-flags-core (npm)

Malicious package due to data exfiltration to a hardcoded IP, command execution --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5faa2e2b3afed77ff19adb0b231de0a6ecdd10f713507e643a56d3d5503b1e47 The package @immuta/feature-flags-core was found to contain malicious...

Malicious code in @immuta/pxl-components (npm)

Malicious package due to data exfiltration, arbitrary command execution, and suspicious install scripts targeting dependency confusion. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03d86f67d7f931d0f720838a4bda33d56a54a5502b29ebe3e1094a984041b7a2 The package...

Malicious code in 8x8-developer-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 830ce990639483b2f7a9ea4e000d63c831e0d58c94e718a1a20add6885cb93ef The package 8x8-developer-docs was found to contain malicious code. Source: ghsa-malware...

Malicious code in f0-service-address-doctor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fb126414f1575e7289915e4edd746dbac3d039a0a433f5069309acc281e7892 The package f0-service-address-doctor was found to contain malicious code. Source: ghsa-malware...

Malicious code in adroit-websdk-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2635788b71e7d2d9a220ca0717bb46d6704bb205393b2f479105c20d9f94735e The package adroit-websdk-server was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in cline (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38d7531f4d4af07fee607e1d2985d0ea5b41dbf28cca5bc16c8457934e372f86 The package cline was found to contain malicious code. Source: google-open-source-security...

Malicious code in spectral-corsair-my-backdoor (npm)

Malicious package detected. Suspicious preinstall script exfiltrates data to a remote server. Multiple YARA rules and LLM analysis confirm. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0826a28f7948e68cdddd6260a01c3653a7f04deb2c9368054243ed47713ee353 The packa...

Malicious code in @sky-it-livedata-libraries/livedata-commons-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23622be0c1860486eed767780c0a0de0a46b5b0a736cd99a08ecba95fd57c411 The package @sky-it-livedata-libraries/livedata-commons-client was found to contain malicious code. Source: ghsa-malware...

Malicious code in @sky-it-livedata-libraries/livedata-commons (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20bdbc3cff45e6eac27e84e332d4efa6ad06a4d593b15610a99115bac25d2931 The package @sky-it-livedata-libraries/livedata-commons was found to contain malicious code. Source: ghsa-malware...

Malicious code in collecters (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c17c6bb947662d942c27cdf7ca9572536ea97f7864070648eb417277cad2e71e Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

Malicious code in @adamallana0909/apple-research-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d8bddd202efdf484dda4f9ff697fb7eab0e1227f76c736d92e6af21a85b89fe The package @adamallana0909/apple-research-test was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in @appleseed-apple/ac-sasskit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88124096765095b75d53f5129410a02db9d3966422e222d21b811aa0699ea725 The package @appleseed-apple/ac-sasskit was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in json-specparse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28ad383c55884ea3f12626f13a56f36b7fbc1eab649de47cfcb657478162850c The package json-specparse was found to contain malicious code. Source: ghsa-malware 18627c1c0def6faaa8722de5bc97f27981110eaf8844500039b842de043d2f62...

Malicious code in mezukabil (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 116aeb117747dfbea2f28ecfaae0e59f69c1c476942bc00335519de4e68a8c84 The package mezukabil was found to contain malicious code. Source: ghsa-malware 554fc63eb509f787fc60a615d7228f13eb692391a1a1dca733d3031716dd2ff8 Any...

Malicious code in @kinggupong/baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3aec3e6bd7152f810947ba89be8ccb87de340b49801eef6c91c2a809330dfb03 The package @kinggupong/baileys was found to contain malicious code. Source: ghsa-malware...

Malicious code in kinggupong (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e715c2381b97a44dc664b3fbb1faf1977b339bc9cc51ad7722b09e24caa2f63 The package kinggupong was found to contain malicious code. Source: ghsa-malware 47fb80c46fcfaba8da9b01d5f99700a8a98a138ce3936b2ed9393db423d5b718 Any...

Malicious code in @kinggupong/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c19c128fca5c3aacdbc42a4005ff6e5fac66da9fb811bf98788503f6dfd00eb The package @kinggupong/libsignal-node was found to contain malicious code. Source: ghsa-malware...

Malicious code in pcl-build-docroot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec644efff0c2f83a615a174be4d854af6d4411fec2fd2246ce43b6118f6065fd The package pcl-build-docroot was found to contain malicious code. Source: ghsa-malware...

Malicious code in unibody (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62433a668da6675dffc03d0b406316c3a612058aed5063d864c1f6a78d94e937 The package unibody was found to contain malicious code. Source: ghsa-malware d5083ea858a18dda094f7d171b57730132d8348f914ae8b2895725447d8f13f0 Any...

Malicious code in praxis-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f147ac7e867b493ef159ddfdd294c57a1bfbbd8e502037178470c37345ca0628 The package praxis-scripts was found to contain malicious code. Source: ghsa-malware 9cf02a0374cd88b4ae46f34a484f0441ea2bfaf3c6799812ea6b4cf4e916cd0c...

Malicious code in dappa-libsignal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc1eeaec0511dd790f563abdf59568e7aa14de6e21c4c8f2b44f0b636098f54b The package dappa-libsignal was found to contain malicious code. Source: ghsa-malware 23e35315c10b6b42c517deeb17e10e7bdbeafc3562268eca0d6758a23e31ea6...

Malicious code in libsignal-mod (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 211e000c840d09f14adc470cd83c124e8a4e49249e78c8a759693e3678c63da2 The package libsignal-mod was found to contain malicious code. Source: ghsa-malware bb9ca486dd8fcc83473d13eb8fd8c5f8881d2be2d8301a167de2d40ad8513c51...

Malicious code in @dappaoffc/baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb37d2f85c635986dff2f78d2a601e36c3f676c4c1a9f65df33c5601a9d7a2ef The package @dappaoffc/baileys was found to contain malicious code. Source: ghsa-malware...

Malicious code in @dappaoffc/baileys-mod (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee2d90dce9a6d45cb24a57cb738764c3675c7b5e6a594a15f8130938bcf5a886 The package @dappaoffc/baileys-mod was found to contain malicious code. Source: ghsa-malware...

Malicious code in react-svg-anchor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e014ccf1aaf52a0f5ad92a977b2fb987b63be3ae7bdf8fa9b5f8813f68040344 The package react-svg-anchor was found to contain malicious code. Source: ghsa-malware d539493dcc209d4d478ffa4a5893cd5cd01ee1d994700b9492b651c8aeb372...

Malicious code in npm-doc-build (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e02a5339e3c7017ad72be2bb9ed62f13b6d4aeef3450ada18af95a6203e8e105 The package npm-doc-build was found to contain malicious code. Source: ghsa-malware de3094bb10170209a4225724c5cc0934cbc551bbcf01dd6f6df0205ca158ee6a...

Malicious code in bign.ts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a025c6f6e0ba133f66c24e9d46df60c1b78c7d79803fdfe7f0c7c4a4e4564528 The package bign.ts was found to contain malicious code. Source: ghsa-malware e8f7bbc689d348ea3844e77989dc0dc5bc44ed380ea464ca671e8e3ea8dda1d2 Any...

Malicious code in b2b-common-cb-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0699be4242e2a015c76aad1b5ee1f2482f01a59017778511108ed33b8729a8e The package b2b-common-cb-lib was found to contain malicious code. Source: ghsa-malware...

Malicious code in svg-safety-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 423523b3df147eccef394a43e71101674f003918fb09ae7121dac4c4ac474eff The package svg-safety-tool was found to contain malicious code. Source: ghsa-malware f31f6cc0f000af3b9a7f76332b14e7d9c33b2d0f80056695850c21490d0e41c...

Malicious code in jinja-template (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e79b3bda068fff4a0d32858209d995e311925bda047742e96a1c4bd5424083a The package jinja-template was found to contain malicious code. Source: ghsa-malware 777241a05ff1b9cafa5358e6127f852378179af0ed1c2c6c1ccea769cd94b398...

Malicious code in restrict-imports (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f82360676317e6d9c2b69a82034af73f2008890871348fb45bc5b966f6aca03c The package restrict-imports was found to contain malicious code. Source: ghsa-malware e153e68a84a468be42de7a7c49af2d4e73778f4462d854be60a6e8baf03105...

Malicious code in faaladorcli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b0c3b79e20d5c0305695699a443c35baf74deda90bad7263cd0b3f9bd3613572 During installation or import, the package exfiltrates basic information in a dependency confusion attempt. The user identifies themselves as a HackerOne user...

Malicious code in falador (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1d66c45b27d4ff7595d8a13a91515450c248dc50a6531199f0254bbd9d6440bb During installation or import, the package exfiltrates basic information in a dependency confusion attempt. The user identifies themselves as a HackerOne user...

Malicious code in f0-abstraction-resolver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 224dc9dfb692343ce6baa1f2e8ce95e413f8a4d8d9991bea7c7272923cd7498c The package f0-abstraction-resolver was found to contain malicious code. Source: ossf-package-analysis...