3 matches found
MAL-2025-191371 Malicious code in @voiceflow/secrets-provider (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 527df6a20822831f2bc2435e1db61fcc192d163d6a81240078e8e93066dc1235 The package @voiceflow/secrets-provider was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199391
Malicious code in @voiceflow/secrets-provider npm...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...