2045 matches found
MAL-2025-3890 Malicious code in flow-plugins (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8cf17ab0e3206656aa1196545f14592f01b8a02353963e6c158dbb80af69dc75 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in dotenv-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 503db890e3fc82d35cc6de9ca072e67dd6c86e450fa82780fdac9dba5db59167 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in vsock-sdk2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 87d1181c9c02b4d4e06d16cac778739608a055f903fc4b34137a5186bfcb3152 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in bui-react-10 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7efb9896b372501d00ef7c23655b29a8eed7ffe274410cb4d2748ec4aa96eda7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in wagmi-ethers-connectors (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 204a9c16773cfe45fa9f2feb11287e056c0e87a52cb5f091a1e38c2469c69148 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3926 Malicious code in wagmi-ethers-connectors (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 204a9c16773cfe45fa9f2feb11287e056c0e87a52cb5f091a1e38c2469c69148 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3899 Malicious code in jb-sol-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e07a37ee37ad01b1e0d3674307dda8f293b0152cd93544305a2bdce1340c6035 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in valida-bepass (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3a800b30f2110accfe121855b537578c4a8155e993dcb5547017d34352fdc1c3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in lululemon (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b30dac91622fe4bf2b0b8efae85c2746a4bc8c4dc848d9ababf9fd31582dd9dd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3853 Malicious code in rushstack (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b991f4891d1df3ceec8938fb7ae61d26651d75afce6f8b5b8317d7532e64b9be Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in passport-thecity (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware defb7627134320679ac575b55c8a7ef1fa8d74d48f00766173f0214a95905c3e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3814 Malicious code in ai_challenge (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cac3284458d7620929c88bceb52c6a1050042e2974e32bf76827af876c55b4be Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3854 Malicious code in shaon-media-downloader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 558572daf3fc57c68d96e761789af95252072a63def7fbecefe3ff6d8ba5ab9d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in webpack-cli-v4 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6923a0b0ac00b6df0f50acbb796a23891fbe7d857f5f130a62b03f3a7cea9da8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in next-auth-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c0038c51339b63eb3fe77a5d623ae004832f05cc831ff582362d202f30a49072 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3747 Malicious code in @myop/angular-remote (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c529845135f67681059adf0cf2c0ef30da66673da293016d5c193e8162f8070 Withdrawn Advisory This advisory has been withdrawn because @myop/angular-remote is not malware. This link is maintained to preserve external references...
MAL-2025-3770 Malicious code in nimiq-supply-calculator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 488013c68b42615c46c340c4a4ae6645cfb0bfa492440ab3d0a89018da156379 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in voting-client-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bf794ee7b143c582d6e666fee322ea82e99f42c967869b76953c90e12821c6a5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3776 Malicious code in wwemix-contract (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7daf26cbd85174b1078f76ef7384573ce289257c6f91bb68462f87d436d832d5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3758 Malicious code in coinpayments-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 03cd3ad7581d9fc90c9a03479a13f8edcb80a999a15a2d7c2dcfc0a30b6b6ac5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...