Malicious code in rpc-bot-v13 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d36bae9a92f55450da9079525255c532c3077ebdf05866aed4790c5cdb1fe64b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4809 Malicious code in @loybung/weather-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3b8141e9c6d2ba6d7cf52aea200f4a596b4e7151c2c3a67b2713cd2cacc96038 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in bzl_components-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2e9d92ea6bf2f83b7f1ef5fda995c4ca9b06ee0c6e4666b1ac581d884dbae28f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in mockup-js-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d47de2f1ea832ed5ca1de7b318fac1b4e38fd7f83c2b66d97c4c38cfab1da216 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4909 Malicious code in whatwg-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2c673435a301e9ed1203058fbaa25ef8011da36b69d1e3fab4253ebe9e4a6513 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4901 Malicious code in uvicorn (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d4f7ba398a2a6f412706dc52b14ad4928a3863790d54c8553cf728b68d373b2b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4900 Malicious code in undetected-chromedriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 687b76dc0d575aed0afa6e7d747df99e768e0089d8a461c82a6a962a9ff9e5b8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4894 Malicious code in tedious-types (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1ac4ed635b00d44b10eedcd216610356c00baa2dcc266a9d461b148bd50e62c6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4879 Malicious code in scikeras (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8a571a503cad6f3d53b07cecdc303ec31a63e8375eaf27100ef3699961d08138 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in opt-einsum (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5af28147ec311b3f20c1a63a200d242102077c353766cd3b77c9809bd0af917e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in ohhttpstubs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 642efaac1637742aa2d3755af417f202219293d844b0c0ec46300fa7fdfaf046 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in iceberg-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 80881b9c9051ea4744eeccd8038c44bb7bf6fd18b1535d8319cdf556cca76282 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in gunicorn (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 269ac7e0cc85fe2e3078f51d0b39078670681500d705eb403172aead25d9ca18 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4832 Malicious code in gunicorn (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 269ac7e0cc85fe2e3078f51d0b39078670681500d705eb403172aead25d9ca18 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4825 Malicious code in email-ext (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c4c79355714fdd4b93c7a36e4f249eee1ce00120cb74835c536968d2b6a2e3ba Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4822 Malicious code in dplyr (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cdf19d4b885e033c180e0529d82bf2f17cf47d1db3d73421f6868366ae6da15f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4812 Malicious code in apple-appstore-server-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4ffc44075c7a6123e6fd516c9e8c1abbd98b481d26ae67ee10e814bec86bbe7a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in third-party-dep-a (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dcc20155246302fea26b0bb40126bd6b917414a68ccedf962a12e246f3696f38 Any computer that has this package installed or running should be considered...

Malicious code in bank-auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4f0763ca6a35d86ac26d0d79bf3170ea38a642062f030c19ac17589065a5e1c3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in nethereum-helper-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d1113e69bfa84d519a1db8e7d38e9f66170f41d55f60398de2f057c298838d76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...