15 matches found
MAL-2026-4188 Malicious code in @limebike/supreme (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f65cdcb27200e24464982c0678d9dd556342d53886e4d5378da5d9c664fe1c7 Both preinstall and postinstall lifecycle hooks in package.json execute index.js, which collects the installer's hostname, non-internal network...
Malicious code in mongos-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6580043c6aae1e9b2a53c9656a14b094f0e3b00ea7728457e4f2f2e46458358 The package mongos-api was found to contain malicious code. Source: ghsa-malware 7bf084b38089206dc3a1aea5fa3a424ca23992e8a695031b17b8a2bb85fd491d Any...
Malicious code in magento-coding-standard-eslint-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 181566f148b6cac8ad613b2942849254b7a6968bbe5e16a9d009aaa8e4184b25 The package magento-coding-standard-eslint-plugin was found to contain malicious code. Source: ghsa-malware...
MAL-2025-5864 Malicious code in symphony-cryptolib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c8216b9fdde76a4f40936fd19fbe9a3a7d73dcf66ffdde04c6cf54ee965448b9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2108 Malicious code in kitchensink-ui-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 57dd46442eabdf4fcd3affcfd4b7ef777c2229b46845426429e6277a99fe8f9d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in accept-a-payment (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d066801593b468617494b166d230eba3bfc7df3e454f9125333718ef42f6953 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9207 Malicious code in working-today--soft-aim-fortnite-down-lo-ad-pc-esp-aimbot-undetected-2023-41etdn (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0d8a9f0993744d4972cdf5e672ed1837953cea1a52c4cc63a83e24184de071ca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8661 Malicious code in pdf2htmlextest (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a8b2331e000213f0f48b8ff8f978a0ce93926cf42935a72a611195eee4b7b4c0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8091 Malicious code in pretty-array (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c13ccb71946d796fddfaa2f62631f277063b7f3230d5fd22d783585b8ed16391 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8012 Malicious code in b2b-canaisdigitais (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 4dc971b04d6b1823268396807c41d808cc18fd8c2b2094b5c9ee6fb342083172 Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...
Malicious code in catapulse (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ec297590c1fed85e684c74ef8166faf32dc8f3215dba06eebdec5de850ebe863 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4416 Malicious code in ltpmhgzfxqbkdive (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2bc25f144e99a280ceb2e8df882e5b1eabe170263dee766f71924794f7554c61 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-262 Malicious code in @fb-pfpcommon/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dd8a0261fbb5b751bdde66ad91553a2d6586c281d272ae8309cca16eabae8dc7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6610 Malicious code in toosting (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e25283d8528a1beafc7230c24579e63f590b0e68bf6c7daa9522e03861563a4c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6565 Malicious code in thumb-assembler (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a778dc093a4b19a51f799a5bf03fb7714d70147b42627bafbef5bb2c87e33a82 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...