489 matches found
MAL-2025-48401 Malicious code in supplychain-firewall-benchmark-hello (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 19af5203b034f6420f173bf6e45719afeb28ecfe359a8858cbe814fe3cd55d11 The OpenSSF Package Analysis project identified 'supplychain-firewall-benchmark-hello' @ 1.10.2 npm as malicious. It is considered malicious...
Malicious code in v0-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9c3fed66eb2cf11c949abeefd6369b31cf4fb7eb2cace6da6e8df56e135fec66 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48369 Malicious code in java-common (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 555d7c368b052227256d6f6b35ce4b6d84da939df3127667ff6e73515dbee1bd Any computer that has this package installed or running should be considered...
Malicious code in niletestpkg (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
Malicious code in nileninjapkg (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
MAL-2025-48384 Malicious code in nilepkg4 (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
MAL-2025-48389 Malicious code in niletestpkg (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
Malicious code in checkout-ui-extensions-react (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
MAL-2025-48363 Malicious code in filen-apps (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
EUVD-2025-24884
Malicious code in bioql PyPI...
Malicious code in gna_university (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b99833d7171de2f0404506d22b9ba4962fe6ee2fc193c8e7c6e8da0530bae6c0 Any computer that has this package installed or running should be considered...
MAL-2025-47849 Malicious code in gna_university (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b99833d7171de2f0404506d22b9ba4962fe6ee2fc193c8e7c6e8da0530bae6c0 Any computer that has this package installed or running should be considered...
Malicious code in propeller-solver-core (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a79fc2ce4f8dbef3a36ad1dcf36011f9d86435f347aa81ed601295d75e818b04 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in zenith.svg-loader (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4f7d2ffc7aca71791695515d2f4c7d4cd7dae2e7767777a5a18bed84f9d94e7f Any computer that has this package installed or running should be considered...
MAL-2025-47593 Malicious code in package-x (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c97a3da4527d6f380ebdc150b7825a38cd9e5f84f7c854b9eabbef547c69c807 Any computer that has this package installed or running should be considered...
Malicious code in @bgrc/kyc-theme (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 491ac58a40b45ff06a00ad44a33a15bd95394c8fde64034d150fb31433a18380 The OpenSSF Package Analysis project identified '@bgrc/kyc-theme' @ 9000.0.2 npm as malicious. It is considered malicious because: - The package...
Malicious code in across-indexer-monorepo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b8fef241ea15f212acce31cd8bcc9d561a7f8a55c8367d778cca91c189d8a3a7 The OpenSSF Package Analysis project identified 'across-indexer-monorepo' @ 7.1.1 npm as malicious. It is considered malicious because: - The...
Malicious code in lynx-dev (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-47435 Malicious code in lynx-dev (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in suchinind (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2a328ee17c3878f22beddf954e26fea98cfcedc0377a9aae3f9382b01cb55acf Any computer that has this package installed or running should be considered...