MAL-2025-3951 Malicious code in examples-formic (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 074e879e97761583a22531a3d4f917977ac387e40c36bc5eb35e3f4b367db196 The OpenSSF Package Analysis project identified 'examples-formic' @ 100.0.2 npm as malicious. It is considered malicious because: - The package...

MAL-2025-3957 Malicious code in vscode-oja (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 222332856f685e334465b24346da36177ea57028e903aaf5c7b6fc845f1e601a The OpenSSF Package Analysis project identified 'vscode-oja' @ 100.0.2 npm as malicious. It is considered malicious because: - The package...

MAL-2025-3949 Malicious code in evo-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1963187cd4dc65fd86ae4bdae898bd2fea39e8e6a8464b3b00e2a83f5dcbb95b The OpenSSF Package Analysis project identified 'evo-web' @ 100.0.2 npm as malicious. It is considered malicious because: - The package executes...

MAL-2025-3938 Malicious code in pootle (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 02e85bef7e8a01d18636b40c7543cadd257472b0b984989ba4ca747f6c4c6f5a The OpenSSF Package Analysis project identified 'pootle' @ 9.9.10 npm as malicious. It is considered malicious because: - The package communicat...

MAL-2025-3929 Malicious code in apilogicserver (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8beaeb43103672154062bf9b44734e305dad9ba1e9bbc6453d539cefa3e29f62 The OpenSSF Package Analysis project identified 'apilogicserver' @ 14.5.0 pypi as malicious. It is considered malicious because: - The package...

MAL-2025-3804 Malicious code in pog-ui-landings-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 958b647cd78bfe4822d3c9b88bb93606783f6f5c4f46fb06c118181cc545fe5f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3803 Malicious code in @tribal-worldwide-london/fa-api-service (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7abb29beb3adf2fde080d372cbc17b456eb664ce599ea06f814aec289841241 Any computer that has this package installed or running should be considered...

MAL-2025-3948 Malicious code in developer-bridge (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 13d76633d0e28457718da249adad23171e53973864ef3e53406c78ced005d3af The OpenSSF Package Analysis project identified 'developer-bridge' @ 2.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2025-3956 Malicious code in qlkube-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f3dbf8b78dfd8c62a064365429aad674f445926ed19a43a3ac031b864d3fe2c1 The OpenSSF Package Analysis project identified 'qlkube-docs' @ 3.0.0 npm as malicious. It is considered malicious because: - The package execut...

MAL-2025-3784 Malicious code in webpack-cli-v4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6923a0b0ac00b6df0f50acbb796a23891fbe7d857f5f130a62b03f3a7cea9da8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3783 Malicious code in webpack-cli-4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 21ddac203965243a9f1a0fac7e0e5e5217dec4667917b4d23c3dc0e7780d3176 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3745 Malicious code in odin-backoffice-starter-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2982abf6f95afddda54146444463c8334c7677ea0b5d8fb203c536dc54470188 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3737 Malicious code in com.unity.visualeffectgraph (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 612fb4f703fb888029e1ae8bf1069fc5719a9288ee946e4210c5127c665c38d9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3732 Malicious code in com.unity.render-pipelines.universal-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e796de3cb6203dc09766f14c46913307a4c760e4cd01047b30993c7ac605648c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3733 Malicious code in com.unity.rendering.light-transport (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1fc9f46e39b3f3be7d09553ea71c7f7f3611b95a6cca1730f90f7094dda0ad54 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3725 Malicious code in @nitro2/shared (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 140caf464a34fc34d7fea71e7561ee5849558b1ee1c7987c9a38c265eb22e4f9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3727 Malicious code in com.unity.formats.fbx (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 583302188f1d3c02ddb7580ef4df38be05d5acfe23e795966baa799cda4efa8f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3734 Malicious code in com.unity.robotics.warehouse.base (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1c888bbc76a87698356b86c72559a95c4a77dd4440e06d6ccb1423ae2aab3bc9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3728 Malicious code in com.unity.furioos-connection-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 68c58a66214f806ff93b92a26cc583bbad8e5b14bde97afe154c5c850bc40585 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3730 Malicious code in com.unity.perception (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 882160cfdcc85287d81ae0b812ae0b3e00bd6254e018d4268f6e54655839a10f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...