Malicious code in blockchain-explorer-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6cdabf6ac5434305cb152ee0eaf4d9cbac6f1de324ae91052537dc8fcfa94410 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-1282 Malicious code in blockchain-explorer-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6cdabf6ac5434305cb152ee0eaf4d9cbac6f1de324ae91052537dc8fcfa94410 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

The withdrawCarry() function always reverts because of an incorrect assumption.

Lines of code Vulnerability details Impact The Compound protocol's CTokens have 8 decimal places, but the team mistakenly believed that cNote also had only 8 decimal places. However, it was discovered that cNote actually has 18 decimal places. This discrepancy caused the withdrawCarry function to...

Malicious Package

Overview blockchain-explorer-sdk is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

Malicious code in blockchain-explorer-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f01495842310cffcbf1d5d6d28f46cc678de92e26262ab89d275701e407b8017 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...