Malicious Package

Overview @copilot-web-widgets/common-core-sdk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization a...

Malicious code in @copilot-web-widgets/ai-writer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 370d6b958dcc6a556f2ee4be3946c6a1a995bb05d4217f408f2302dd397689a2 The OpenSSF Package Analysis project identified '@copilot-web-widgets/ai-writer' @ 1.13.1 npm as malicious. It is considered malicious because: ...

Malicious code in @copilot-web-widgets/common-core-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 148c6b43da3f4ec787aa611cf721a390eab6918627604a9405d817955e2c472b The OpenSSF Package Analysis project identified '@copilot-web-widgets/common-core-sdk' @ 1.11.0 npm as malicious. It is considered malicious...

Malicious code in copilot-web-widgets (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fbb28669371353c111a05f7fb6bb2803179610b8ccec893590a34d2343e90fc9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...