676 matches found
EUVD-2025-205932
Malicious code in @vietmoney/react-native-tags-input npm...
EUVD-2025-205928
Malicious code in @vietmoney/react-native-smart-gallery npm...
EUVD-2025-205933
Malicious code in @vietmoney/react-native-smart-page npm...
MAL-2025-192995 Malicious code in @vietmoney/react-native-action-button (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df1a9f2c1ef7c8dd8ece133048315f8ab738a4d5d8bf1a11dbe5f932d39e2eca The package @vietmoney/react-native-action-button was found to contain malicious code. Source: ghsa-malware...
MAL-2025-193000 Malicious code in @vietmoney/react-native-tags-input (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4eaba1a91c6cb85d46db01b9c4e96157cdeb905c8c7d1b0d6b3dbd507a58f402 The package @vietmoney/react-native-tags-input was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview @vietmoney/react-native-vnpay-merchant is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization...
MAL-2025-193001 Malicious code in @vietmoney/react-native-true-id (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96077b211aad35cef450b272ea27d6ef00276ecef718afa31ecb225b43d0b60e The package @vietmoney/react-native-true-id was found to contain malicious code. Source: ghsa-malware...
MAL-2025-192998 Malicious code in @vietmoney/react-native-smart-gallery (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cdecb4163903c7cab6a325ea865641719253be69a34f76a172a717792a8b53bb The package @vietmoney/react-native-smart-gallery was found to contain malicious code. Source: ghsa-malware...
MAL-2025-193002 Malicious code in @vietmoney/react-native-vnpay-merchant (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db7aa9187bf0ea16a7e5209406b93cd1b253b087a17bac46ad5cf79b8fa317f3 The package @vietmoney/react-native-vnpay-merchant was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-205927
Malicious code in @vietmoney/react-native-vnpay-merchant npm...
Malicious Package
Overview twilio-voice-react-native-reference-server is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that...
Exposure of Sensitive System Information to an Unauthorized Control Sphere
Overview next is a react framework. Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere. An attacker can access the source code of any Server Function by sending a malicious HTTP request to a vulnerable Server Function...
@actbase/react-native-actionsheet contains malware after npm account takeover
On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...
@actbase/react-native-fast-image contains malware after npm account takeover
On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...
@actbase/react-native-kakao-channel contains malware after npm account takeover
On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...
@actbase/react-native-tiktok contains malware after npm account takeover
On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...
EUVD-2025-199104
Malicious code in react-native-jam-icons npm...
Malicious code in react-native-jam-icons (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4651dd576f405b8b0d0fd7724638dce527ed7cec18cdfc20e4b49f5cc3f9006d The package react-native-jam-icons was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191144 Malicious code in react-native-jam-icons (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4651dd576f405b8b0d0fd7724638dce527ed7cec18cdfc20e4b49f5cc3f9006d The package react-native-jam-icons was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199048
Malicious code in react-native-datepicker-modal npm...