964 matches found
MAL-2025-5655 Malicious code in maliinn (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 dea697dc03b11e99e6895070c9fa053b8db92510a03201f9545dcb25bd373199 The only goal of the package is to execute a webhook or a suspicious file during installation. Closely related to 2025-07-0x9xnx - created after previous...
MAL-2025-5653 Malicious code in hellodista (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 988e08e45c0c2fdbdf337e012d3930d14eedbe4add858a55cee2156849033b90 Series of packages mostly with an obfuscated infostealer attempting to collect Chrome data. While discord webhook is usually set to an example, there are other...
MAL-2025-5538 Malicious code in k6-studio (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7b163d493761fa12ed8094157415651ec1b22824f021a7483637346825e08cca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5537 Malicious code in @frontend-clients/design-system (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7fe458099d7b7c0662a9f2283b87071d2afc98b120e402fc20ce916a5b5962ff The OpenSSF Package Analysis project identified '@frontend-clients/design-system' @ 10.0.0 npm as malicious. It is considered malicious because:...
MAL-2025-5339 Malicious code in microviewsharedwidgets (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4a0d5ab634b9ee74c4cf591a4cb1b7f151f6f7116e6cd32bcfd80464d278f1df The OpenSSF Package Analysis project identified...
MAL-2025-5326 Malicious code in jsmdc (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6d2c0aff7f35c88859f22a83734bb661c5d66f25262f8c09e97870b387cddbc2 Any computer that has this package installed or running should be considered...
MAL-2025-5316 Malicious code in plugin-api-version (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f4f1500b9b02566e5be415a195e434461c5dc160084330f80c8eb4c726a2563b The OpenSSF Package Analysis project identified 'plugin-api-version' ...
MAL-2025-5330 Malicious code in titan-exchange-shared (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bcbcec353cd72f56bcc238f2996606b61523a85e851d694e96012a54c027f606 Any computer that has this package installed or running should be considered...
MAL-2025-5329 Malicious code in test4-ross4 (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1256f1681d37e739f697f2ec935fbe38c8daee3a0979753bc49f82dca162a841 Any computer that has this package installed or running should be considered...
MAL-2025-5306 Malicious code in maybe-i-would-like-a-banana (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 662fcbfd490d5409f2a17a156785c7d82b81e2c57e0c67d1ae701ccf49fff1b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5307 Malicious code in side-effects-package (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 82b6dc5cf513223d6d09a04e6a0a1291c7ac2be14c46381e61d023f39c00b8c2 Any computer that has this package installed or running should be considered...
MAL-2025-5297 Malicious code in pkg-dev-deps-only (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 485d0ed1b5c95a60c68f04e0d03f68c9cb74cf2f0d2cc2181b99be5b1b8d7dc5 Any computer that has this package installed or running should be considered...
MAL-2025-5298 Malicious code in prototype-poisoning-package (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fb7e50b04c4ffcf207fdb21b54873ca1488fe7dd526b90c1206bc830af9b111b Any computer that has this package installed or running should be considered...
MAL-2025-5320 Malicious code in natel-plotly-panel (npm)
The package contains suspicious preinstall, preupdate, and test scripts in package.json that download and execute code from a remote server (oastify.com). This allows for arbitrary code execution and exfiltration of sensitive information (username, path, hostname) during installation, update, and...
MAL-2025-5296 Malicious code in i-just-love-bananas-dont-mind (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 23aa7188231dd22eb43f4fbc309dbeec0c8d18b512111786fb8e61c70e65b993 The OpenSSF Package Analysis project identified 'i-just-love-bananas-dont-mind' @ 1.0.2 npm as malicious. It is considered malicious because: -...
MAL-2025-5294 Malicious code in validate-rb (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7975ebc737a4c604d0d25ee00a187fde74d2442953ec305c57c738ebd4cdedcd The OpenSSF Package Analysis project identified 'validate-rb' @ 1.0.0...
MAL-2025-5290 Malicious code in nf-cl-loger (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0ef6d67424e2f4b0f602a07367e287f1764cf98b2d5fb663a5bcef30ed76950f The OpenSSF Package Analysis project identified 'nf-cl-loger' @ 11.0....
MAL-2025-5278 Malicious code in codesandbox-deps (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a8cbaaee48ac510c9d11bc481194ff5a4006d0233d8d2d06a3422628cea6a879 Any computer that has this package installed or running should be considered...
MAL-2025-5331 Malicious code in undeconf (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 513c9e34a7d02530bdb34fc364d7c5411914263c5960f4a4cc7fa967c3c01f36 Any computer that has this package installed or running should be considered...
MAL-2025-5325 Malicious code in jira-help-tips (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f8b0652aee06598b2ce4f2f215e70f168e2d91b3058832a20069ac391d6a3c0d Any computer that has this package installed or running should be considered...