MAL-2025-2226 Malicious code in atlas-user-monitor (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d7efee27a6c041d66384de635910c04fe43fa2c193ad0a47efb69acb84fb16ad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2224 Malicious code in atlas-websocket (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8650c05b42abfbb5a69f65d884b445fcd038d3c56563d3ce5341af221bf80db4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2228 Malicious code in prblingd (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7886e2696ffc6e35d7a80ad30ee51258e49c741e17d02b5d6c83d370fe5165a8 The OpenSSF Package Analysis project identified 'prblingd' @ 1.0.3 npm as malicious. It is considered malicious because: - The package executes...

MAL-2025-2223 Malicious code in patternfly-build (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 057836fcde782f283efd1e52688d31d8375cd7d963b136908d1457ea24e64193 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2211 Malicious code in realityspiral (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 750c382ff53ef751feeedfaf955cf5b12ff8fd6f91a1087c0616eddbab203913 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2219 Malicious code in sendbird-chat-sample-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ed64b926ca67eeb78b98e8ba6fdaec0bc57f79fc486f9d178d69da4b0b92f7d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2205 Malicious code in wrap.scrt.network (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bb46cf4f945ffd141ee169ecf371a571f2692a3287c77efe8a9ea92c4811acb4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2220 Malicious code in testsdvsdfsdf (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 92ea47bd0fd5d9fb7ce2355ae009d0d93f6136d1bdfb44814286c1a434683492 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2222 Malicious code in userrelationship-paypal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 522db266cc5ee9a741f9a3fde1a0f9e69cd84419296d3011e1e89833d068d06c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2156 Malicious code in tommyboytesting (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 264f52ff2f35da38715922f14fbd4a8a2fb8ea31fd56fdbffd735b410b7bfc2f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2451 Malicious code in idme-component-utilities (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1194c5ee341dd44fccad1c3e2a9d698dd452b384ab16498ae5b59a40f00787a7 The OpenSSF Package Analysis project identified 'idme-component-utilities' @ 1.0.1 npm as malicious. It is considered malicious because: - The...

MAL-2025-2216 Malicious code in @idme-components/component-utilities (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f94dc67ea91d37d381ca7625ed1162cd5013c5643066c51b18b123ab66fada91 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2152 Malicious code in certifications (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7d51c9defecdd382c5048eb6f92b32558355b8457b2b5cd63f3d86e12e8ed35b Package contains a reverse shell. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-03-certifications...

MAL-2025-2155 Malicious code in sdxcode1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0e86442bd4bd6e2d95d5da4c3cf82c1961b38b57f4e51b8654d2d3398990dece Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2149 Malicious code in nmp-frontend-libraries (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9320142027c800d4b8427512d6c6c219bc910b204b892be28af3a3849302e649 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2148 Malicious code in d4rk0nm3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis fcd44fdf07755c2f5060eee6df68679af14c7bd6185b52853041856db638c7da The OpenSSF Package Analysis project identified 'd4rk0nm3' @ 1.0.6 npm as malicious. It is considered malicious because: - The package...

MAL-2025-2070 Malicious code in connector-colaborator1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9a80cb3d91a164687c80e6c2353408b9a523ab14d72481ceda8aeb7e875b339c The OpenSSF Package Analysis project identified 'connector-colaborator1' @ 1.0.0 npm as malicious. It is considered malicious because: - The...

MAL-2025-2067 Malicious code in product-custom-grid-columns (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 620dece457b625966cbf804fa1e8bcd8b54fb2b961020453940961af4569f10d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2065 Malicious code in qaboard (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0ac2bfcab360f7de45c230b1af8580c51697bb734b65eb7d85386f00a2fe83ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2061 Malicious code in atpw-reactive-form (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 087c073ee5ea5ea80f9935623ee80f8efd14ca034a3f7816298c966e5ff939cc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...