victim-package-b
npmMAL-2026-400
Malicious code in victim-package-b (npm)
victim-package-c
npmMAL-2026-401
Malicious code in victim-package-c (npm)
potdf
npmMAL-2026-377
Malicious code in potdf (npm)
coolpackage2323
PyPIMAL-2026-376
Malicious code in coolpackage2323 (PyPI)
spellcheckerpy
PyPIMAL-2026-375
Malicious code in spellcheckerpy (PyPI)
github.com/esm-dev/esm.sh
GoGHSA-2657-3c98-63jq
esm.sh has a path traversal in extractPackageTarball enables file writes from malicious packages
mised-discordjs-selfbot-v14
npmMAL-2026-374
Malicious code in mised-discordjs-selfbot-v14 (npm)
theme-neutral
npmMAL-2026-371
Malicious code in theme-neutral (npm)
sezzle
npmMAL-2026-370
Malicious code in sezzle (npm)
webmd-debug
npmMAL-2026-373
Malicious code in webmd-debug (npm)
mw-proto-models
npmMAL-2026-368
Malicious code in mw-proto-models (npm)
mw-shared-utils
npmMAL-2026-369
Malicious code in mw-shared-utils (npm)
webmd-cookie
npmMAL-2026-372
Malicious code in webmd-cookie (npm)
dreame-claude
npmMAL-2026-359
Malicious code in dreame-claude (npm)
pl-global-ec-uikit
npmMAL-2026-363
Malicious code in pl-global-ec-uikit (npm)
uq-global-ec-uikit
npmMAL-2026-367
Malicious code in uq-global-ec-uikit (npm)
shared-global-ec-uikit
npmMAL-2026-364
Malicious code in shared-global-ec-uikit (npm)
gu-global-ec-uikit
npmMAL-2026-361
Malicious code in gu-global-ec-uikit (npm)
excel-to-json-test
npmMAL-2026-360
Malicious code in excel-to-json-test (npm)
telia-eventapi-client
npmMAL-2026-365
Malicious code in telia-eventapi-client (npm)
testing-package-bose
npmMAL-2026-366
Malicious code in testing-package-bose (npm)
chai-bin
npmMAL-2026-357
Malicious code in chai-bin (npm)
health-check-node
npmMAL-2026-362
Malicious code in health-check-node (npm)
dot-env-buffer
npmMAL-2026-358
Malicious code in dot-env-buffer (npm)