MAL-2025-167 Malicious code in bc-bundle (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 21ca742de853894958cf8e34ed10d1e17d9584d7b71e3513b533c66a7a207067 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-195 Malicious code in imports_exports (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea5938b670954f2baac5b5cea2bc04aa6e747a8ddbd666cfc4a1a9188fc4016d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-235 Malicious code in pyroscope-oss (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 78530d6378099081103c13a5d340a9c8562d2c041085a8c20893adb93bdd115d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-253 Malicious code in tree-sitter-pkl (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5692ca694e95779acafae807b9a6cd3b419e1b284ff21a64c2b91025f525de06 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-153 Malicious code in ad-shield-essential-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 204851191eeff7f39b152f6eea9aadd2303a89c305e1ea65c73ac3c54c96a25f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-83 Malicious code in ebay-connect (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d19ac42f1b12b95f81ed89c55872795f9fceb4ea498c981624eb1eb04828bcd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-95 Malicious code in olivergreen (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 93149667e62337ce494ebf287aeb4ab68a2b6b96fc9d32b5262d381771b539e9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-12166 Malicious code in @swiggy-private/analytics (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 225aed6cf9dbdada3a5ab91f0b0804c55be22874bb11c2ad67624a420ff39026 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-12167 Malicious code in @swiggy-private/dls-web-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 866e9fd01cfe3133ef1ad9f34a13b577f9296d283c389de22605e996c5ff2de0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-12146 Malicious code in docu-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b6622a889906180340028e70850543b9d34f93618e7dee954ad8d394aa5c86be Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-12121 Malicious code in solidity-ibc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d1a13b5de5d7c8bba62c5cfaa0a0c0b7044cfee854154b9fa3db8c6cbdaf1361 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-12086 Malicious code in dynamodb-data-mapper-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 93e1601651b9c7ac38203563ebdc9231ff5ac6298c9dee85fb2eeae24acdce30 The OpenSSF Package Analysis project identified 'dynamodb-data-mapper-js' @ 7.0.0 npm as malicious. It is considered malicious because: - The...

MAL-2024-12030 Malicious code in rdjjfjooirpp.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0def3cb04d3fb8c638daf6a97a708bd6b95632da63635563110d5827170cfff5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-12026 Malicious code in pushservicejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8875b705a6e055665ad1912b3f5aeca6578af2778e4b541e7061ae20d6ecbd01 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-12024 Malicious code in private-bug-bounty (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a00733ed27d2b66f512559495dc079196948c176ea93c337042bed009427afc4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-12013 Malicious code in oj-odcs-category-selector (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a60a93d78df8a9fddce4544e346f4e972b8d22bc721038cc23b9461ffdd9dcad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-12054 Malicious code in uid-2-test-ts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9f2900f53327b861bd4050d2e38c0e867e8ace72a97f5525cb74f56a7af8373e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-12018 Malicious code in otc-echo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b0e38efe6cfc6243284d736f8569dc30c9f94b10388d60d4f0f323fbb84cf5c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-11962 Malicious code in csp-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 07c56da928c82cee1c2a2332c92447b99ae4d8fa17441e9391ac05a4f38d3323 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-12052 Malicious code in uflexreward-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 12a03cd0b643eecb9171dd74f66e1916442f16b25e64f6652fc489fda6e8fe19 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...