14 matches found
@actbase/react-native-fast-image contains malware after npm account takeover
On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...
@actbase/react-native-kakao-channel contains malware after npm account takeover
On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...
@actbase/react-native-tiktok contains malware after npm account takeover
On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Malicious code in @actbase/react-native-devtools (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6903aaa72b2c62de00654968d7729b4fd07bfa78bf68f14c1ee924f6c5dde9c2 The package @actbase/react-native-devtools was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190793 Malicious code in @actbase/react-native-devtools (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6903aaa72b2c62de00654968d7729b4fd07bfa78bf68f14c1ee924f6c5dde9c2 The package @actbase/react-native-devtools was found to contain malicious code. Source: ghsa-malware...
Malicious code in @actbase/react-absolute (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed7fad65f30e84a768e6bfde1db53365d73d067672f3722603eecc021adadadd The package @actbase/react-absolute was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190791 Malicious code in @actbase/react-kakaosdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a48797e2088e681febf91726aa184436bf3fa96104d23f438a11b19f75ef0516 The package @actbase/react-kakaosdk was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-198883
Malicious code in @actbase/react-native-kakao-channel npm...
MAL-2025-190709 Malicious code in @actbase/react-native-fast-image (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7879bec5ae80ecf74326a88c3b01895fe758fa9ddd7e9375e187588383eac0ee The package @actbase/react-native-fast-image was found to contain malicious code. Source: ghsa-malware...
Malicious code in @actbase/react-native-less-transformer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06f669b015d3df7c500b192e927f2890c45ad45dafa608100da2146dca598efa The package @actbase/react-native-less-transformer was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190710 Malicious code in @actbase/react-native-less-transformer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06f669b015d3df7c500b192e927f2890c45ad45dafa608100da2146dca598efa The package @actbase/react-native-less-transformer was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-198754
Malicious code in @actbase/react-daum-postcode npm...
MAL-2025-190708 Malicious code in @actbase/react-daum-postcode (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b6730961ddc6bcfd14bc8564e2a8ef3d34d757e1ffae65ed7ff88232e115104 The package @actbase/react-daum-postcode was found to contain malicious code. Source: ghsa-malware...