448 matches found
MAL-2025-5037 Malicious code in mafid-dev-fe (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 36b547ef1882f646ffc42cf752909cf2d8483815568ff161e37189b3d3ca5d47 Any computer that has this package installed or running should be considered...
MAL-2025-5014 Malicious code in test.reativity.package (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c6f730b0a0fe3d91bde9a315e7378e550dc9f7227742ce7918c5caa6d9a88d80 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4967 Malicious code in traceviz-angular-core (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dd91335d1e9106d7a9f2dfe3a76ecdb4e4cf5008dc0da1a864d0e1a084f3f1ec Any computer that has this package installed or running should be considered...
MAL-2025-5044 Malicious code in newcheckout (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ab73dae51de90e537d8afaee36a7058bb0183de2d5489893830bd77d22b5e6f5 Any computer that has this package installed or running should be considered...
MAL-2025-4935 Malicious code in test-victim (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cfdba951804f9f995d7d98ea8a645ead6bc94767502ab6a7943133b5e34125f1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4934 Malicious code in zora-utils-core (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0a55ebb2c5179f192b3e0cb586a0bca313b3288b7b71ac7bd70725eb2d41b1e9 Any computer that has this package installed or running should be considered...
MAL-2025-4932 Malicious code in uniswap-v4-scratchpad-poc (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 01754c5d133c195a4c109504b5db8355893e90a308a2317d421d8f2d034cad23 Any computer that has this package installed or running should be considered...
MAL-2025-4854 Malicious code in ncftp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4bc7a5d34f3860004cbdbf4f622418fa2383dd3ba5ebff2ed2074a4a13d1b85d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4753 Malicious code in my-headline (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ceef507a7783e91b9901900d55040847c4c3866b6da30892e317299f295b3da Any computer that has this package installed or running should be considered...
MAL-2025-4760 Malicious code in prod-shared (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 480110f6602e42420289e8da2e148e602ed3fc69063ba8c47edbcf8110c0c397 Any computer that has this package installed or running should be considered...
MAL-2025-4706 Malicious code in virtru-design-params (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2c17dc3a9d15ee9a1acba1ea2eac04dd9544e09908d2014fcb8b9c689ba07c29 Any computer that has this package installed or running should be considered...
MAL-2025-4659 Malicious code in ua-aio-h5-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ab58d896f2b725bec2019a299fcded18aa3b8608029b55314c6b34b5c3d4d195 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4734 Malicious code in com.meta.utilities (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 592e7d2fdd81405fea876197df41d2cca8625ba879c21ace66ff6e3fd9a699e5 Any computer that has this package installed or running should be considered...
MAL-2025-4509 Malicious code in staking-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ed875e99aa706cdf029805b265862f59262c88e1e713e3acc53b2cb78fa82ac4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in telegraf-mysql2-session (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 432e5e7e175694d2e9e62a162420c843115ff95f1a9adc5b1f590b6e703f3f41 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in blur-key (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c1679003578817df182a4bac6670c2bf5d42f7fd4189d6ef78bc81206827d1b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4582 Malicious code in typescript-go (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d064fc87553ee2c99deda671568a19f3fd4d86e854e01e944343d89c70a99faf Any computer that has this package installed or running should be considered...
MAL-2025-4562 Malicious code in html-report (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 76dfd70352bf673a00030f6d35ad320bc633fad730881d95d897d878d7ce662b Any computer that has this package installed or running should be considered...
MAL-2025-4576 Malicious code in react-native-xaml-repo (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d64cdbdbf3b2ec9cf523f3b4b0b787c947b6c50c2d4d42bf96c13cd906d84c9f Any computer that has this package installed or running should be considered...
MAL-2025-4460 Malicious code in winstons-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c7ebc9796eae3ab4eb7380710ff205e061c750965207974c71dba9f0d8d2ae8b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...