4606 matches found
MAL-2025-5824 Malicious code in securityresearchpocaplmalpkg (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b52864b8ab4058696fe0a34e9cdea2db8e1f9dec2fdb22fac1adeb4143cc63a0 Any computer that has this package installed or running should be considered...
MAL-2025-5642 Malicious code in open-source-catalog (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f3bfbe0348c0d5c8d07d2f1fe1b504717cbe1e2f686ce8d05381049ec4df11e0 Any computer that has this package installed or running should be considered...
MAL-2025-5720 Malicious code in protobufjs-protify-example (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8a1fc26bdc2549188a81eca766317ffb5fdf7c0f904db9df458c43a670a86951 Any computer that has this package installed or running should be considered...
MAL-2025-5681 Malicious code in cra-react-router (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b95c7c2198b6267e255cb12eb540477d4e18a5670ea43c3e0554eba957e80cfa Any computer that has this package installed or running should be considered...
MAL-2025-5634 Malicious code in token-renewal (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware de8c5eaca0b97fb9aad23e47e1d86057e671884d4b4f12781413b41d3d01e358 Any computer that has this package installed or running should be considered...
MAL-2025-5632 Malicious code in auth0-styleguide-website (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4ac62aa1f1cbfe11927a1bc4a54326be2b214f65a0d101d475bf45c44b0d96f4 Any computer that has this package installed or running should be considered...
MAL-2025-5631 Malicious code in canonical-bridge-ui (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e38c4c4332b7b6efd48d2c9360444d99754e398a49f7099e1d7a5cef7fb22358 Any computer that has this package installed or running should be considered...
MAL-2025-5795 Malicious code in sentry-eslint-config-internal (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d9ba8b7f921d459f28baff326f2eb32b49ed229eb7e2d551526035c8fcb2b420 Any computer that has this package installed or running should be considered...
Malicious code in on-off-ramp-demo (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2b6976f60e83349939cda55fa116d6f3df6d085aea3969653b767ba47863deff Any computer that has this package installed or running should be considered...
MAL-2025-5619 Malicious code in old-header-parser (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 315f759e577d29f8c6922c09f69169b191d3c8886bae205c9d3925d4a366688d Any computer that has this package installed or running should be considered...
MAL-2025-5618 Malicious code in mre-layout-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca72674752dda2346e914163e1a4ce3dd2a83b813747ebf2e4330596b0afb2c8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5669 Malicious code in baglass (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 913b103a92c5fcd2b5407e2a094f43906f9c214bda154709f691ba0bc2f263e4 Any computer that has this package installed or running should be considered...
MAL-2025-5804 Malicious code in baileys-cleaner (npm)
The package communicates with a domain associated with malicious activity. It archives /home/container & exfiltrates data to catbox.moe & Firebase, including IP address. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware...
MAL-2025-5705 Malicious code in lunasec-sdks (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 30db7cb288f3beca8f5d1a2fea732e95b2d3c3e391211e7efd835f0cd960e2f9 Any computer that has this package installed or running should be considered...
MAL-2025-5592 Malicious code in comcastapp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 31612a7938787ffe91079ad30056051f31a068066752a935bc2123267f409730 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5612 Malicious code in grafana-lokiexplore-app (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1cc39d2244f7b9883cfc8aab3dbe6a56ff2c2fc6469f5b351b1321c1670f261f Any computer that has this package installed or running should be considered...
Malicious code in hardhat-deploy-notification (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d2081250ac75574ee18ddea2caa510104e94d2673de1ad4fa445d96559d2a1f4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5583 Malicious code in solana-dextrade-parser (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6b8f89467fb69d00785530ca32444043368fe523570c7f428d485319782d845a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5574 Malicious code in queshymouse (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c9ed49fc5c8d51a6b30914c50d0accfc41ed0ff18c278024d7305959eb9a7906 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in discord-rpc-presence (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 643ae80a9f56002d18b03d93bba332b1c1c49c5d45f995a1269030b4a3c90b7e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...