5 matches found
Node.js Multiple Packages Embedded Malicious Code (CVE-2025-54313)
Multiple nodejs packages were embedded with malicious code. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows. The following nodejs packages and versions are affected: - @pkgr/core 0.2.8 - eslint-config-prettier 8.10.1, 9.1.1, 10.1.6,...
Exploit for CVE-2025-54313
cve-2025-54313 Checks projects for compromised packages, suspi...
CVE-2025-54313
creationtimestamp| type| source ---|---|--- 2025-07-20 00:35:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3luea7ehhcu2j 2025-07-21 16:30:26+00:00| seen| https://bsky.app/profile/nimblenerd.social/post/3luifz4pdgi2f 2025-07-22 21:02:23+00:00| seen|...
CVE-2025-54313
eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows...
CVE-2025-54313
eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows...