49 matches found
MAL-2026-753 Malicious code in log-symbols_updated (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92d79723570a5dc0d85c63b9ed1ab129a1be11ac69a75c1d2bd8c5cdcc12f6d3 The package log-symbolsupdated was found to contain malicious code. Source: ghsa-malware...
MAL-2026-381 Malicious code in @mikudev/beles (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8f3ea49ac3a40f6d28d2ebc50e1ef196be3d37c05e88065ad5a537d0dd88d75 The package @mikudev/beles was found to contain malicious code. Source: ghsa-malware 6dee4521aa58cbf67cc78b5a73b5d991fc017469415884ca3286fb252743f2a7...
Malicious code in hopedraw (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9b92770a39e89559f4745f8c6d264f55c2f56aa858388f2b23fe19d8ac5cfb7 The package hopedraw was found to contain malicious code. Source: ghsa-malware 5816fd13331bdf9cddedac9d250bbe6f4d28bafe88b9bea201c4f6cbbb1f2448 Any...
Malicious code in jfrog-npm-actions-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a600f48287c23fcb6db85ed0ed084de6ce12d7d3fab99e327ec306c6a84ea7f0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in useradm-enterprise (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ce2bcbfbdffbf03bd25822f3d63f902505a6edc5efb3ef610fce41007b8620b8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in internallib_v125 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ab77b49975a46f2335153950e340dc04f11da41aebe8c463f96f99d7e831fff6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48276 Malicious code in cx-hub-interaction-ui-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3a9bc1addddaee6ed4aa8352a5162c828bddcc53ddee490fb211f76247c23cd4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48259 Malicious code in mad-3.0.2.2.2.8. (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bf1bcf59e3fd43b588530451a4eade20f273d04e69831c45aac60075102e288d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ballance-check (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9d2685c68a4c8516f69c39001102234d71d9fdb43a4c2b23ae83242808d9c3b1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in react-thunk-log (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 929d9268bc92055751c7f10bae27b10942586f07c6fb81b6740905a7b067604d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in dexa56 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f43715f87a1218ff23eb2b375c7b84ac74b6e17a9035aeb9ea4c0657546b4484 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in oauth2-bearer (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e3aa2d2499cf414a068a46af982e2179810f9ca6fe985bc099dec22b8dc75469 Any computer that has this package installed or running should be considered...
Malicious code in phantom-sign-in-with-solana (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6fb04ee07048a7f2aa9201a7f29e3d8bb5802fb53f095bc48f93928568cf4646 Any computer that has this package installed or running should be considered...
MAL-2025-4983 Malicious code in customdropdownadapter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3e29bf2cb2ca6349ffa2030e7ae2a9d4f49fb302fc084fb3ace37e76b543b502 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @loybung/inject (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a2360caebc7c178c732c57b8da900d7e303a05b8a498693b6f6449abad8fbb19 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4635 Malicious code in yaml-mcp-wrapper (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 63f698f000e6c4702e971dcd3923f64bd9039710fde38e7329b170ba0266ac01 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in directx (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 89c6fdb82cd7b28af322fd42d09eed2c86ab4e1893ca7bd21111555b14057428 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in malwaretest (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 397437468f634806853b4f3a7f82626c63224cb1d7f173af2aa530d126540ea9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in actions-project-version-check (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0dfacd7dc56f2f0ae2b911d6bd9b2b8d50e4273f1f28a014bf64dfa9fdb9ff3f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in kcex-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0ce9b582a4e9a1941b68d4f5d683d97c93a4bda05b8d494dc0bac426302aa4f6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...