448 matches found
MAL-2025-191311 Malicious code in @silgi/better-auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 528101596869077cdc065844f592e42299e9806c92d2b4f6f145ccd18194fdd5 The package @silgi/better-auth was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191083 Malicious code in create-kinvey-flex-service (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c18f134df78210871fbeb0ee41ee973c4622f7c2f19cde796751a63da45cba75 The package create-kinvey-flex-service was found to contain malicious code. Source: ghsa-malware...
Malicious code in gatsby-plugin-cname (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d533b6b1c548148392393696a1a82fc32d46ae923e8a30cbc2e7a9118b1ed21 The package gatsby-plugin-cname was found to contain malicious code. Source: ghsa-malware...
Malicious code in formik-error-focus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 563b1001dfb7ec0dd27e7ac49eeef45e9a82e958b34b3ee74a4d59b1dee79775 The package formik-error-focus was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190977 Malicious code in n8n-nodes-vercel-ai-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e3e7549add420dd6e29fcc100779e22f42e36e3d6a194d64ac5cefe5a764971 The package n8n-nodes-vercel-ai-sdk was found to contain malicious code. Source: ghsa-malware...
Malicious code in @posthog/drop-events-on-property-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1dee879dbf8f8819008c31e641e4fec6584690087c6929cba530e9171464cb4 The package @posthog/drop-events-on-property-plugin was found to contain malicious code. Source: ghsa-malware...
Malicious code in react-native-modest-storage (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 649036aaea8dd08096297925551b715d5783be0879a69a6651f2cfd66b8ee75f The package react-native-modest-storage was found to contain malicious code. Source: ghsa-malware...
Malicious code in enforce-branch-name (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63b39bd3b9b616432b7d29c60d2da9d425b52f8823742287d8f6c4203319383a The package enforce-branch-name was found to contain malicious code. Source: ghsa-malware...
Malicious code in @actbase/react-native-devtools (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6903aaa72b2c62de00654968d7729b4fd07bfa78bf68f14c1ee924f6c5dde9c2 The package @actbase/react-native-devtools was found to contain malicious code. Source: ghsa-malware...
Malicious code in @quick-start-soft/quick-markdown-compose (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4390993c4dc5c3a55b6da923961e34a8fa5caa1f06de7f3ac1ce24dba811c018 The package @quick-start-soft/quick-markdown-compose was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190763 Malicious code in @zapier/eslint-plugin-zapier (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4f3af0dfab295d120b932902816e065f092b48671909a971a2994cb3cb5afd6 The package @zapier/eslint-plugin-zapier was found to contain malicious code. Source: ghsa-malware...
Malicious code in @actbase/react-daum-postcode (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b6730961ddc6bcfd14bc8564e2a8ef3d34d757e1ffae65ed7ff88232e115104 The package @actbase/react-daum-postcode was found to contain malicious code. Source: ghsa-malware...
Malicious code in react-icons-toolkit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 224e1d5b1a2b01321da822c843e2013f28320e4b9d4d74487daef59c812557f6 The package react-icons-toolkit was found to contain malicious code. Source: ghsa-malware...
MAL-2025-49249 Malicious code in bael-god-admin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54ba754b9dbef244bd2b53886b1f45560769963fb3cec0acdca0b97146c4748a The package bael-god-admin was found to contain malicious code. Source: ghsa-malware a5f348ec1bb90ae0b0173cad94148bc4e8942fd31411b6ae86b2a81f71aa4587...
MAL-2025-49079 Malicious code in zohocrm-nodejs-sdk-3.0 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8667273dd1820eda9a1a67abda3359d484492251a23ee3bb7acb310721b92ed5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in powerbi-visuals-sunburst (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 707c0139d214cc2c615245cb618d8e272c7868e912755bc359aaadb5415b1273 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @aio-commerce-sdk/config-typedoc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7115c3c8e9d8049f239251eeaf99504698b6eea04f36d5490dedff17b173f77b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in discord-utils-enhanced (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 678d1a77a40407ca303a4cb46ec3bafa609ffa4d3e354eac59e799a499fb4b68 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48572 Malicious code in mender-configure-module (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0e954036412bb11454b4f5fb99bb6ac9b672d9b5542bdbaf870a9a0e20b444d9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48258 Malicious code in mad-3.0.1.2.2.8. (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 22a95aaaa7fd9efb994a7a1fc912db0181f2efa04105dd37a1a368bab0cff576 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...