3446 matches found
MAL-2025-49043 Malicious code in sort-keys-fix (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6fd040f6b48ad761cb38f7172921ad9f1a82689c1ac612e6f936271eaf1f08d1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in xo-shipping-options (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c21e6f808603d3ee1f0107b9f7e0a2fbf9f420f9ac6004090593f7fab29c6e92 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in xo-title (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9e05e0bfe7b552fd008c4ad64a4d0f2d0a842f898eb7ab753451781236101acc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in simple-import-sort (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bc5caceb82a60c3342bf66bc4d6a60a268d94712079783637e89a40b6f374122 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in wdr-beam (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16487b4b3ab32616874e0d9510ebc6c9ebf957bccdd7bfe6e84d60e0d1b89cf2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in airbnb-babel (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83df14bbf64c6c5ea72bac62897bd2bec7ea1ae91217dd206286fc4e6ba8df40 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-49041 Malicious code in skyscanner-with-prettier (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 269ee691d4871e49dccfe0f756848ea5ef13360c6ff86d64bc7ddb718ac5d423 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in trezor-rollout (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6ddacc3033f82ae4ac26ccf3e7b622d3f3d7d8e04418bd1375f8770137641a7b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in polyfill-regenerator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7d3f5ade208f63787145ecad7643a32b6bf4525494a136967abcd7d0ba2e720 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-49051 Malicious code in transform-react-remove-prop-types (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38145745ad3f626f3b5d35e2d923d4eec412bed8c0e4d5532dadbc5d53e5ff49 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ul-inline (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 15d6bb031b2303d28ce8296da9c8f534d9576044e57faffcf455a70b24aa6b9c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in jfrog-npm-actions-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a600f48287c23fcb6db85ed0ed084de6ce12d7d3fab99e327ec306c6a84ea7f0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in lfs-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c701260c51375b73d9b993340fc1b603958a46bf115033de75a5a57e7b1acc35 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-49078 Malicious code in zeus-mex-user-profile (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3fc81d9c5665e17c547b5f656a72158c37bbde79ea7dab611838f87e54a37833 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in firefly-utilities-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 272b473a3935398e8bbe5ca323982f141f6961f34964660c00cc78fb21d922af The package firefly-utilities-js was found to contain malicious code. Source: ghsa-malware...
Malicious code in spaintest1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2104fbcce90cd97dbee8fa4f047b5bc21a8b2eb1009654e1d6e6542f95b9ed8d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-49062 Malicious code in ucbuzz-web-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 822537afdb770182527cdfc92395d4fcc57ab88a98e6958ba68f93eb84f119ef The package ucbuzz-web-common was found to contain malicious code. Source: ghsa-malware...
Malicious code in transform-react-constant-elements (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5d582d56f1f42a97702c2557fbfdcc90613da53d18adf5494b4f18c555c04398 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48990 Malicious code in chai-friendly (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d91de03ddaa79c1b3653f7324f3c8a2041bc2e0eb7082649efe9ee495d1a4eb5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in named-asset-import (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 41aa2c9de0b9bf1fc5a9cbee9d0442255a36d349e4645660908d01b2ac8db820 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...