4606 matches found
MAL-2025-6304 Malicious code in react-server-dom-turbopack-experimental (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 919b44a54d192c9600403c1ad155e8d4c1652c00f211b52d40f3b61893419ba9 Any computer that has this package installed or running should be considered...
MAL-2025-6305 Malicious code in react-server-dom-webpack-experimental (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a2a08db68343b79c1eb43cde87320c0f9ebf1ad3ab6a4501cc1561d4bc247a94 Any computer that has this package installed or running should be considered...
MAL-2025-6244 Malicious code in jet-os-detection (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ae12c732362620c804ce4ff9fc2e85cd4f861a8084f6b9016fe67ce31b57c955 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6235 Malicious code in tnet-dps (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 45ed1abbbf74a45b20d6fc72505538baf442bd7dc2879cf8958b815f12ccde79 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6297 Malicious code in nonexistentgibberish (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9b9dd1765a9029e224c537d8a52266bd425b43b63409e96f9d07755edf7ce3d7 Any computer that has this package installed or running should be considered...
MAL-2025-6295 Malicious code in mv-fe-scss (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c1a1d9e0905804668e279f144472abeac638dc18ec3c4cdf519de71d9ddbe73 Any computer that has this package installed or running should be considered...
MAL-2025-6083 Malicious code in cosmjs (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 76cfd30c52a126f1b3dd180a97192143c9bd72a807c75e0d458a02ede65eb60e Any computer that has this package installed or running should be considered...
MAL-2025-6102 Malicious code in logback-classic (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cfdbf897b4e05812cf41e2452ff954fd4ccd831b4ac8a6f7ecae4371674f5436 Any computer that has this package installed or running should be considered...
Malicious code in splice-pulumi-common-validator (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f14575bc2da7a355de468310839aa06cea1b89f21b60553520aacc0b5cd693ef Any computer that has this package installed or running should be considered...
MAL-2025-6161 Malicious code in firefox-puppeteer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c76d6adc7e0c326e775422909c057134c541ee2981946ca82b89f5fd4b86ee3d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6160 Malicious code in firefox-profiler (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b4487e2a5882ebb5a6d35e69c7f4644df4cebad9ed4660d01cdcbd6d137dd82c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6202 Malicious code in tfjs-backend-nodegl (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f21880e33cab4a48939f274436f6f33953a8b4eaafb7f850ac6492008d81bac8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6193 Malicious code in ppsdkconstants (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc09f5bfdfd7725488af3e5502891485f650447a780f7e5ad6f839ae7d3120b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6153 Malicious code in axios-hehe (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6e13d64444d4757217cb743320d70709377a6c8e7d19addff182ee6430b42afb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in dewiz-xyz-protego (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 12df6549a4cbc6f4567449f311e376161847587f484c17de41234a4475bb0a3e Any computer that has this package installed or running should be considered...
MAL-2025-6013 Malicious code in mooduliop (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4f1271416f28653d9403bf610aaf03ff8b6c25c715c6c477b4e24a7a0577623d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5997 Malicious code in dex-sample-app (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a5833f372bb58f2c3d63ada7d769c410b4464de4c9a0084d3e8f8ecbee863f4f Any computer that has this package installed or running should be considered...
Malicious code in @company-internal/logger (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9d0932de39c3f8c9bcb34c9f241df2d154d4659532cfddb67ddd06e283c38c14 Any computer that has this package installed or running should be considered...
MAL-2025-5976 Malicious code in white-oganesson (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 59cd363bc35266e8da511b349bb11e84db784a1bbd5fe29148aadb24aaeef2f0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5965 Malicious code in vite-lightparse (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2be62813ca93fa71037568bc538e2ac083ad48faf1e5d0f362c4847d0f8a1b39 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...