Supply Chain Incidents

MAL-2026-4813

Malicious code in noteparse (PyPI)

massive

MAL-2026-4795

Malicious code in massive (PyPI)

makecoder

MAL-2026-4790

Malicious code in makecoder (npm)

ggk-happy

MAL-2026-4789

Malicious code in ggk-happy (npm)

Typosquat

react-json-chalk

MAL-2026-4792

Malicious code in react-json-chalk (npm)

indextts-cli

MAL-2026-4794

Malicious code in indextts-cli (PyPI)

react-cleaner

MAL-2026-4791

Malicious code in react-cleaner (npm)

vxui-react

MAL-2026-4793

Malicious code in vxui-react (npm)

@autofleet/rabbit

MAL-2026-4787

Malicious code in @autofleet/rabbit (npm)

@godscene/web

MAL-2026-4788

Malicious code in @godscene/web (npm)

@catclaw/message-logger-plugin

MAL-2026-4782

Malicious code in @catclaw/message-logger-plugin (npm)

react-ui-polyfills

MAL-2026-4784

Malicious code in react-ui-polyfills (npm)

Backdoor

@iola_adm/iola-cli

MAL-2026-4783

Malicious code in @iola_adm/iola-cli (npm)

test-nonmal-pkg-5

MAL-2026-4785

Malicious code in test-nonmal-pkg-5 (npm)

ranno

MAL-2026-4786

Malicious code in ranno (PyPI)

ether-bn.js

MAL-2026-4779

Malicious code in ether-bn.js (npm)

reasonix-plugmem

MAL-2026-4780

Malicious code in reasonix-plugmem (npm)

unique-id-64

MAL-2026-4781

Malicious code in unique-id-64 (npm)

1cat-tunnel-client-zx

MAL-2026-4778

Malicious code in 1cat-tunnel-client-zx (npm)

helu

MAL-2026-4357

Malicious code in helu (PyPI)

testing-on-npmjs

MAL-2026-4356

Malicious code in testing-on-npmjs (npm)

mistral-search-toolkit

MAL-2026-4358

Malicious code in mistral-search-toolkit (PyPI)

mistral-workflows-plugins-webhook

MAL-2026-4355

Malicious code in mistral-workflows-plugins-webhook (PyPI)

mistral-workflows-plugins-mistralai

MAL-2026-4354

Malicious code in mistral-workflows-plugins-mistralai (PyPI)