4606 matches found
MAL-2025-5459 Malicious code in secure-r007k17 (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bbd04d692c36ca50563b6dbb1de8053730817b3f74b9e23389dd90505621062a Any computer that has this package installed or running should be considered...
MAL-2025-5262 Malicious code in vite-loader-svg (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b5880f6d590622e99ff921eeb4b6de62bf0d1c7401a5c5b1cb7137b2b091769e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5259 Malicious code in deere-ui-commonjs-shim (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a67ec4bddb1b8af04cfc08903b303377f2c20937c3b6f13287bcb450d2189a53 Any computer that has this package installed or running should be considered...
MAL-2025-5240 Malicious code in monorepo-lens (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0f3e71104e7ff045d83a7ee05b586b32a0dcd36fe13de652bff3133b84d340a3 Any computer that has this package installed or running should be considered...
MAL-2025-5223 Malicious code in by-category (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 33dcda1b7529d698b9f0ef716b79ce2d398c3e9645ea0e6514fc6a6580ee9df2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5226 Malicious code in fix3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a570744f3eb415e9f6dc103a46162807ae15fcf346c531393ee20268c83b660c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5214 Malicious code in lucca-sdk (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa129a7dd1ddfa81578c1d0a9cbbdbc772f98c73d3f2f6c55a23c1dadb362038 Any computer that has this package installed or running should be considered...
MAL-2025-5198 Malicious code in pfm-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 166c95fcae61b48f203052e0464f5f7ccfe8df81b02fcd4d12440c0dbcc74893 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5205 Malicious code in rma-shared (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware afd3860d2c559adbec7c4b9f7969ba91923264af177c77229e3f4a50e31f9ac7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5188 Malicious code in web-speed-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a061b921a44e1b6ddb0a7050eb5156679a950673f1fcfa787aa15ada94251219 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in sentry-docs (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 688bb145ba010593bc53d4870250dfa7bc897a70a613291ed2352ba008314c84 Any computer that has this package installed or running should be considered...
MAL-2025-5161 Malicious code in jimu-arcgis (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b7562fe8691e7f400454c23c32acb21241492a486b70e2d5e1cb597251c8e9c2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5150 Malicious code in app-prd (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb4dfa072fe28f45493885c483db8e17cfb04c8c56db854534cfb053b52ebfc6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5008 Malicious code in @openapi-platform/git-util (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 96bf6ba53f72a3f15a38886bfb459f601a5de59cf964ebc169b368015d75e967 Any computer that has this package installed or running should be considered...
MAL-2025-5006 Malicious code in vscode-websearchforcopilot (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 247d22ce4a478ffa11b9b10a31460cd13afeba961c80bf8f08a8557aef325569 Any computer that has this package installed or running should be considered...
MAL-2025-5000 Malicious code in cascading-picklists-extenstion (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7fa598a6ca358e662bbce1a99296fb4e87cfeb954903eed14989fd61bc8bf0db Any computer that has this package installed or running should be considered...
MAL-2025-4977 Malicious code in neuroglancer-rspack-project-source (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dd14a9249e5b9f2e191e4d5577ce6e20a78b7a315f3b1d026f8e4af67f8afd8c Any computer that has this package installed or running should be considered...
MAL-2025-5071 Malicious code in zora-metrics (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 89561cb32e5173056b6ef51d8c685cac2ab304eca6024d37f963d31688e93820 Any computer that has this package installed or running should be considered...
MAL-2025-4962 Malicious code in zora1abs-protoc01-sdk (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5e1f6f2a0db6c265885a73e2231e1e0b8b7498988fcbeb1acb543de2ff113770 Any computer that has this package installed or running should be considered...
MAL-2025-4958 Malicious code in snapshot-server (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b418521074d89cfa7dafcbd2a57c8ea782c643409c895f9ac30d372688473947 Any computer that has this package installed or running should be considered...