45 matches found
EUVD-2025-199517
Malicious code in @actbase/native npm...
Malicious code in @actbase/native (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 328d7b0db77bbbc8012f6aee1eec6c2c15d1fec187573be00958308bceaf3b13 The package @actbase/native was found to contain malicious code. Source: ghsa-malware eb78c3f4eb3df2581ae53c6b6c46aa1d14c7a6027fa4f248b1e2b15763763ed...
MAL-2025-191178 Malicious code in @actbase/native (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 328d7b0db77bbbc8012f6aee1eec6c2c15d1fec187573be00958308bceaf3b13 The package @actbase/native was found to contain malicious code. Source: ghsa-malware eb78c3f4eb3df2581ae53c6b6c46aa1d14c7a6027fa4f248b1e2b15763763ed...
@actbase/react-native-kakao-channel contains malware after npm account takeover
On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...
@actbase/react-native-tiktok contains malware after npm account takeover
On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...
@actbase/react-native-fast-image contains malware after npm account takeover
On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...
@actbase/react-native-devtools contains malware after npm account takeover
On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
MAL-2025-190793 Malicious code in @actbase/react-native-devtools (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6903aaa72b2c62de00654968d7729b4fd07bfa78bf68f14c1ee924f6c5dde9c2 The package @actbase/react-native-devtools was found to contain malicious code. Source: ghsa-malware...
Malicious code in @actbase/react-native-devtools (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6903aaa72b2c62de00654968d7729b4fd07bfa78bf68f14c1ee924f6c5dde9c2 The package @actbase/react-native-devtools was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-198885
Malicious code in @actbase/react-native-devtools npm...
MAL-2025-190790 Malicious code in @actbase/react-absolute (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed7fad65f30e84a768e6bfde1db53365d73d067672f3722603eecc021adadadd The package @actbase/react-absolute was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-198888
Malicious code in @actbase/react-absolute npm...
Malicious code in @actbase/react-absolute (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed7fad65f30e84a768e6bfde1db53365d73d067672f3722603eecc021adadadd The package @actbase/react-absolute was found to contain malicious code. Source: ghsa-malware...
@actbase/native (>=0.1.5 <=0.1.31) potentially affected by unknown CVE via @actbase/react-absolute (=0.8.2)
@actbase/react-absolute NPM version =0.8.2 is affected by a known vulnerability. The following packages have a transitive dependency on @actbase/react-absolute and may be impacted: - @actbase/native =0.1.5, =0.1.31 Source cves: unknown CVE Source advisory: OSV:MAL-2025-190790...
EUVD-2025-198887
Malicious code in @actbase/react-kakaosdk npm...
MAL-2025-190791 Malicious code in @actbase/react-kakaosdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a48797e2088e681febf91726aa184436bf3fa96104d23f438a11b19f75ef0516 The package @actbase/react-kakaosdk was found to contain malicious code. Source: ghsa-malware...
Malicious code in @actbase/react-kakaosdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a48797e2088e681febf91726aa184436bf3fa96104d23f438a11b19f75ef0516 The package @actbase/react-kakaosdk was found to contain malicious code. Source: ghsa-malware...