MAL-2025-6181 Malicious code in mydealer-content-service (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9da35bc1c296ca992821d1f1281d06c374f7f4c286a9fabd69faec84e55cb902 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-6167 Malicious code in internallib_v687 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6318396222e5333ad64494337976e8a02c2b768d761e3cc59c41dcfb18e57570 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-6155 Malicious code in community-pass-react-native-wrapper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 45d465e1a0ba3936c02d875635041ba0362e96dee19c7f7d727391a4bdcb5dc9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-6203 Malicious code in tfjs-vis (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d519221dc58e4fd7327b4001cac9971d4a4e5187c9cb10dfcffe63b32e282427 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-6187 Malicious code in nf-graph-examples (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 68c85cb3b4e04f7e1368dde1be75808c76da67cc6c23f52ed008ac697722496a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in rc-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a5638d1bfc139a2ee01491c7afc44cf724fd4b1f7022fbf78bf9430a2cc3f236 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in react-hook-form-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d7bbb033f9045b94810312d6c18ca8a53e34b6886863c10eaf2521f35349775c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in zeus-mex-profile-viz (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38871f47fd1979b619cbf11895907214ada4c4f1edca195009d3fd9f4ac9fcc3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5911 Malicious code in enterprise-stencil (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a1e61d1ede34eeeb27d8845dbec391e8cc88fa906714cb1df64392d9332f46ff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5977 Malicious code in worldapp-fe-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5fad2c4c3d30ab00bfd237b6e51443fe6108d11439361d023876477d325a5e8d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in cloud-binary (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6cbe7d6cc6be5cf0a2d185309e6f0adc10eaeb825f7177874f19cbb09a6ed7e1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in vite-postcss-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a86cf25e81b6e1f513cf67782d9ef778fe14ad1eba93f4a28adb2c1f63bfa965 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in pretty-chalk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d026c38e3bb7cb5b1d371ac307d4728cbb8ded9508cb84340eed05baf1666948 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5967 Malicious code in vite-postcss-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a86cf25e81b6e1f513cf67782d9ef778fe14ad1eba93f4a28adb2c1f63bfa965 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in azios.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f13743f8abbcc019c216daab17db9859fa997c1e9db567e6f39ac8240e89f91e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in wb3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e87f4d934640afbd1d8d2deecd75fb681e94cee807f301d6643bf09e55c699e9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in axio.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2bfe2ad5a0a19b2113a984106f8802f798b7545a802731bd8478cc635df4defd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5920 Malicious code in grafana-strava-datasource (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c38acd1154b6064c05313534795a57d0d6e586cc8ebd1a6a353b4ccaa3b27465 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5970 Malicious code in vitejs-plugin-refresh (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 243a4e663f29ec03aed634b87165dccaf6f345b2e1c92479b95ef6fd28474ba5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in themeone-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 17ebc64d4990db35ad6d321dbbff948ef76f999ca0a2e279f26644a32f0abdc9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...