MAL-2025-5581 Malicious code in score-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ddfca851a951dcfa02da040d550eff2bc8d72f8dc443582d195d066d32f9dbf6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5579 Malicious code in rgl-transitions-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9ee572182c10b596368b86b76ad1cfdd1caa58a5fc9309b10259c1d373732fcc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5558 Malicious code in frontend-env (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 27904d02d7b34509febe4e37adfc1393b899a8d8657ce860cd8920549eca3f5b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5346 Malicious code in ember-routing-htmlbars (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7464e55323e08fc50ba6b76ff3b04330666a207e832b601326e41eddd22625c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5342 Malicious code in videoel (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8021df1be7bd0e0fd9525b7be97565c05a05946d7c57fd4f234c89ce1b5de853 Any computer that has this package installed or running should be considered...

MAL-2025-5344 Malicious code in sdk.babeltest (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb7d26e89ca8ffdb305da3c7bdc066c71640e5a2f046f9172acf6308b4864c9b Any computer that has this package installed or running should be considered...

MAL-2025-5376 Malicious code in category_textured_background (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4b79fb63e44acb7b89709ad74956de390dafd2a044dfe4ca90e3759773517a9a Any computer that has this package installed or running should be considered...

MAL-2025-5488 Malicious code in airbnb-location-suggester (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2737604ff441534b7aeae22ee55636471142cccc2d6e2bbd4895a8f640c30aa1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5399 Malicious code in ee_else_ce (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1573503c97a28616ebbe0ac70f2124f6761b31b0ead756cc1b9e6a9b4a116127 Any computer that has this package installed or running should be considered...

MAL-2025-5463 Malicious code in sweet-bananas (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3807ab062bdeb965d362dbcd44f72337ba1fe130268e3cae054e1defa1bdf0bc Any computer that has this package installed or running should be considered...

MAL-2025-5490 Malicious code in canvas-chache-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 53cd51cc0d4949d913a5bc2368bc95601e8e8402591ad46084396646e4f75149 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5508 Malicious code in node-pkg-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6df8ca0c98ea357d77cecd453a9b679670af19bad2830fd82ee7cc85813b239c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5518 Malicious code in root-direct (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a3898ab593ffa99617da9a63938d10ebe716d857a81f756bac1b9465911abe2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5407 Malicious code in example-target-package (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9c527df8a6a7f920a0fd9146bf4a738da075f6430ad4a523d1c345fe4deb26b7 Any computer that has this package installed or running should be considered...

MAL-2025-5396 Malicious code in dynamic-target (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb117b6b1845227fbb96ae7be9dce72567b6a74510e9d7e2bd415aa38d2685dd Any computer that has this package installed or running should be considered...

MAL-2025-5447 Malicious code in online-learning-translations (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 868acedaa0c2050db6943bc3a4a1b309e10110417f79ea031b8b01107f4fc599 Any computer that has this package installed or running should be considered...

MAL-2025-5289 Malicious code in sumsub-node-websdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d0f130a771df580704e11f7b16a38ff74d7630406d6acd868819477435c331e3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5258 Malicious code in create-one-page-website (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 33e88b813de8bbedaaa44610c78b34cf8ef9b2bd2b7489a8519784f79b7434a2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5435 Malicious code in media_videojs (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c9e2d4c098696f8d6f785f1e8a2674e14ce4fba193940fd5ed1fbe6eb8f1e266 Any computer that has this package installed or running should be considered...

MAL-2025-5381 Malicious code in company-secret-lib (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c27b257298761ee280760199b503ca3be60adbaf8ab92e36479e291e33db1b0a Any computer that has this package installed or running should be considered...