3 matches found
MAL-2026-5226 Malicious code in autotel-pact (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4037ca9204d792112d198342524b35664de796ff675a0dbbee14a33874b30d57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in autotel-pact (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4037ca9204d792112d198342524b35664de796ff675a0dbbee14a33874b30d57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...