EUVD-2025-30110

Malicious code in bioql PyPI...

MAL-2025-47371 Malicious code in @art-ws/common (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a490c632daaee5b64f871466f63aae92473f9d088ce9c7d1c40cf9a7de5de0d3 Any computer that has this package installed or running should be considered fully compromised. All...

Malicious code in @art-ws/common (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a490c632daaee5b64f871466f63aae92473f9d088ce9c7d1c40cf9a7de5de0d3 Any computer that has this package installed or running should be considered fully compromised. All...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

@art-ws/db-context (>=2.0.10 <=2.0.20) potentially affected by unknown CVE via @art-ws/common (>=2.0.10 <=2.0.21)

@art-ws/common NPM version =2.0.10, =2.0.10, =2.0.20 Source cves: unknown CVE Source advisory: SNYK:JS-ARTWSCOMMON-12744467...

@art-ws/common (>=2.0.3 <=2.0.24), @art-ws/db-context (>=2.0.3 <=2.0.20) potentially affected by unknown CVE via @art-ws/slf (>=2.0.1 <=2.0.2)

@art-ws/slf NPM version =2.0.1, =2.0.3, =2.0.3, =2.0.20 Source cves: unknown CVE Source advisory: SNYK:JS-ARTWSSLF-12744479...