448 matches found
MAL-2025-1132 Malicious code in hire-task (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c290018cf38e83059255d39fb3be4583fdc5dafbdc157034cda22edd1c80893 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-1102 Malicious code in csvue-unplugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 409257b16103ee7b420a285630aeb8985fe42d7e0ef833aeeed9c03d9539f620 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-1100 Malicious code in csmagnifier-vue3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a41b68567cf24680e7cbca7353ab826a7c2aaf25438fa38f0d0187d61d34d0bb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-1080 Malicious code in core-exchange-spec (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 25841b252b02710b4266777e5590f4848c43a4cef55f97355283e0db4fed64d0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in auto-claim-service (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware efa2e8f48f3db602101174a240d4b1f09b07e239bfb6fb4770cbd0cacd44583b Any computer that has this package installed or running should be considered...
MAL-2025-571 Malicious code in ebay-testeru (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 10bc1dcc6bd74446e082ab66f1aa06c7ad778cd162497ed913f8b9678c4068b1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-329 Malicious code in ai-plugin-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 375f6ac1b62a76dd86681b0fc33bfe8a4162eb0ff032e0d0c96e5bb8735d7953 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-332 Malicious code in charjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 30d644c2eb731d4dcad0bf39f80c41f09bddda4c07d8d2e90ce7a1e1b55716ad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-317 Malicious code in viewport-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 267002a03c6d919765b3d26bea4ac822e509a4829c59b075764cecf051da4722 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-289 Malicious code in custom-colors-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 032f8182b803592f8c4bcf04cdc223b43ac526a86a9e8a273bcc8177682b96f6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in babel-plugin-i18n-calypso (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5be90c4dbcb38fbd7461004561537640adcf0ee532efbe124872f5f11ebd82b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in showcase-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 72fdeda4a40b1170fc3888255d22ac1cb9cfe37834663d8a5812539c21e7c8e9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-223 Malicious code in prem-bot-convo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8cd47585859b799eb8fb019210456a4cfd1f1e439e305455338438c8e21be566 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-238 Malicious code in selectkit1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2d1e92cc92e640c0bf6819b70d715c79a4367d8a82101409a67189bc33c67ad4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-246 Malicious code in ssb-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 44300dee438c70b095b042f4a1afc1779cec04cb569698b2622ccbae1a045f05 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-127 Malicious code in hello-hamid-world-npm-new (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 539c20029ec03b9e0b517324e4c69c8223fb3353722028788169d41256d1ef80 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in swisscom-scaleio (npm)
This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0c56983709f53a43b82244bcb874d8ee94f893ad1f3c90d2bb0c4e875d5bb97b Any computer that has this package install...
MAL-2024-12149 Malicious code in js-dos-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d534d9ec05d6809f40b3db232c0e24e612234ca30b7d46155b7aa6043c7d02a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @add-wallet-exchange/import-type (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 009dc7d5e85690b3a1fdfe88879a357c8277b755a5983e5e9bcadf1e2624af1a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-12021 Malicious code in playwright-1.48 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c425d60dd5426771b56cc598b6cb55fffa7b0444728b06e2d6126389582b0707 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...