Malicious code in finactivitiy-run (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 40384a252c4486d358490b425b64817feac8db7c370887b9296e81d4c2d3ac51 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in js-0.8.3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 476e6142baf13923d3fdcbbfce1ea57ab2f62bf72a7c190d3213bbfa78364bfc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in gift-chii-true (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8c3405720bd581e08c810cf39cabb85e555401ee4d970d5a2bf1b90e5ec635a6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in ts-immutable-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8973314ba8fa2b03657d72c713210715041e6b5afbf03cacf105e886ab18c68c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in iron-github-io (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c2759ad6f6329e6837cebf29c50582adcc402d3ad085598b405b7005047b4d9e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5899 Malicious code in bombora (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c027bdb1bc55b07a5f9c2c6ffbb94c9842ba4bcc238041e873cbfe31ef4832d8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5937 Malicious code in neolang-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a41d15d10a19dc41dd5c801307932369ed7f51380fcc0fdb1478e0ac2b7ce9e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5859 Malicious code in @subsplash/auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 689eb4db6c52e3ce55d130f22da039b110c816b7a03395db966a87086272fd42 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @subsplash/auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 689eb4db6c52e3ce55d130f22da039b110c816b7a03395db966a87086272fd42 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @cbre-internal/mapping-component (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3eff43200220833028b414d72d609d46c1bf24b68f38bee948abf760729d76e3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in aspnet-asset-management (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 068ec09bafae1223e1ebcc83c97b674b7188dd9ca13b5b73d241bccad793bf88 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in ultraconvert (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e05cf9459694fac15785e7fdcb157daa4fe5d8a7026e9f6e67ba6873a0ec3ad5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5865 Malicious code in ultraconvert (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e05cf9459694fac15785e7fdcb157daa4fe5d8a7026e9f6e67ba6873a0ec3ad5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in preset-log (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6e3a5769ecfa64cabb03e45079fe53e40fc3c3db25ea4848c217397abde544a6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5768 Malicious code in comment-on-task-github-action (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b72236d210ad08858f047149a80c8690160ba7d9e24089047dd82efcc25db90c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in dradis (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7954d52cb9efed1e6bca698b7419519943e5bfd49e00332c59356fef7afe6cf0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in tyrtle (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a6e13a7780a46e82cf53e4515084323c593dd81279f30c4010258429cb0beaba Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in hubspot-cms-deploy (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb6184defa0162c7c46179a4c0e85e5df794bc2fadb23f9649184487324684b4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in sample-nuxtjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f0517b841d711c41128943f51ef66b39a1841448b03eb175aec218d141d8fcdc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5770 Malicious code in dex-core-v2 (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 43ea4e0d3d0e8d1d1bedac44fc35d275146740cdf21e51a4328174bc6304e064 Any computer that has this package installed or running should be considered...