MAL-2025-1509 Malicious code in wasm-test-adapter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware babc522f7d7785ae4fbf04d28f89e4db9b46fbec0308879dad88b4b27542f1bd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1474 Malicious code in @roku-web-ui/pills (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b6706bc6a9fa72cdaf41946c98c552ccf966a28fcfe7a69dd7820bc0ac92c2db Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1475 Malicious code in @roku-web-ui/standard-footer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fd0ebbc9b9d0dc7fe50b97f0fe8f714cafde380850c781af2dcdfabac3e26245 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1473 Malicious code in @roku-web-ui/modal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 512ba24a101785e7291eb757bbfc4432a141e965e32387d27725783342116e3a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1471 Malicious code in wkndaemassetcompute (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c407d8af3732f19844c82d8ebb0b97754b59b979b9db2ec82f002e136ca1486f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1467 Malicious code in @xenial-ux/services (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 44606337fc107c8d2c2199016ea7ec9f79003aa4ebd99f43cef39e8c272ec0af Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1468 Malicious code in react-spectrum-monorepo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c3d2f67a738249f4e3344635d91861eb0b4932967a2d5d72b90fd9b7bad665fb The OpenSSF Package Analysis project identified 'react-spectrum-monorepo' @ 3.0.0 npm as malicious. It is considered malicious because: - The...

MAL-2025-1464 Malicious code in archon7 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1f53d83b877f02c6e6b51cad5ccf4940a0e19e8e9aeda69d9a9d013ca471bd64 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1462 Malicious code in ab-typescript-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dff357f39e4f6c3cdfa2b8e8ef8d23e3b77159f31f825545ce19fd8a9150f869 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1386 Malicious code in keycloak-theme (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa8e4f6226555a04c5be8dab42fe39f502765a1bd0dad057b6e8c057939e5dad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1385 Malicious code in uyurettrtrtst (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6f69974d01d68b2e9cd5e64fdd40891f5a03977026f82ced386274cf20c966e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1271 Malicious code in cros_infotest_1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d49ce8fd236e1053b560be3f562809f285f0a971956a6466386bb6be5df13de7 The OpenSSF Package Analysis project identified 'crosinfotest1' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2025-1265 Malicious code in com.unity.2d.common (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 75a37bfaf17aed750692186fe017783457f38ab50f15f7a49ddb94033cb27443 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1239 Malicious code in vhx-node-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 97a8bc9059906dee3aacb8bfb00ab219e1fb0cc948a15b861d2455a4a36ec006 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1238 Malicious code in hcpss (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 544fee49e2faae06ce667fd2b9512d17da30686b4bfe050c4bd76c2d06166fa1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-595 Malicious code in digitalexp-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9833903519bade9052cdd1225ca96239d62fbff6d2cfc10be31dc013063ee830 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-592 Malicious code in kuvvet_poc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7a15f57daa0dfb5fe047124342523add2a4d20eebd28713661823ae555930135 The OpenSSF Package Analysis project identified 'kuvvetpoc' @ 1.0.3 npm as malicious. It is considered malicious because: - The package...

MAL-2025-591 Malicious code in theice (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6a5284ff23f0c6a6b960f00ae8adcf8fd068d714b2689229fa6355a69fc5d778 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-590 Malicious code in sandstorm-widgets-nyse-website (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 521032aa86f84d6ee0bb3ad2b7b97e43683ed2040212f5b7cb5359f10549fea6 The OpenSSF Package Analysis project identified 'sandstorm-widgets-nyse-website' @ 7.0.1 npm as malicious. It is considered malicious because: -...

MAL-2025-607 Malicious code in tomcrypt (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b12e31166b9da18d6c4615c1c464ce1a94906441a1501a3d77e03b0b44092f86 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...