MAL-2025-6682 Malicious code in epic-games-nav-share (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c5c0876d33c9155274a0eaba4f29d9351f9cfa32ddf6363ae74258d56185de63 Any computer that has this package installed or running should be considered...

MAL-2025-6068 Malicious code in @wptv/components (npm)

The package communicates with a domain associated with malicious activity...

MAL-2025-5648 Malicious code in jenkins-for-jira-ui (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4eb6219412d635487c17cb5e33f5085c2fced525cf0f510f8df2728d299f028f Any computer that has this package installed or running should be considered...

MAL-2025-5466 Malicious code in ted-ui (npm)

The package communicates with a domain associated with malicious activity...

Malicious code in @ftapi/secuauth (npm)

The package communicates with a domain associated with malicious activity...

MAL-2025-4991 Malicious code in azure-pipeline-filter (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6ccebaffafad34dc6e0db144fad37c055332951b9590769cbc852f2141a08d5a Any computer that has this package installed or running should be considered...

MAL-2025-4722 Malicious code in base_sdk_const (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ba549d28b0740cfb0d22c85b7b26e5ccacab6cf6220e202dcd28c19a1abfb81e Any computer that has this package installed or running should be considered...

MAL-2025-3804 Malicious code in pog-ui-landings-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 958b647cd78bfe4822d3c9b88bb93606783f6f5c4f46fb06c118181cc545fe5f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3594 Malicious code in ui-platform-base-components-v2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6b86eb50d9103e65b5af0d24fc0da1302ab769b008a7a2d7c46d686a0fca6d9b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3544 Malicious code in ngsma-commons (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2d66dd7ffa0196bc96f1ec1da6ec107cb6a04b2e70051fb380771079b563581f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2061 Malicious code in atpw-reactive-form (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 087c073ee5ea5ea80f9935623ee80f8efd14ca034a3f7816298c966e5ff939cc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1566 Malicious code in eslint-plugin-externalincludes (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 09b1ebe297181abc6e2efc2e9452146ffd0b49dd6f09b94bb3ebb1481ff9b9a2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1563 Malicious code in webbundle-plugins (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c94c458984a089f14be87d45c3ac4355e1ba06610c50abbcbb0f172160e5a38e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-666 Malicious code in incomesample (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

MAL-2025-525 Malicious code in lyft-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3b6c2c8a640e356df7915efc2dbff4c6612d5995a84d32090e38a5fe4ee11eb4 The OpenSSF Package Analysis project identified 'lyft-cache' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

Malicious code in iberia-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 95e9ac0e975b8b384c700d46336dcd39ba494614f7d23f23f78647c8f4d70abe The OpenSSF Package Analysis project identified 'iberia-cache' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

MAL-2025-379 Malicious code in amazon-gateway (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f8c3ed9194a70a080c9814645d91c46cf2195692168d2efa5e08e5078a853d91 The OpenSSF Package Analysis project identified 'amazon-gateway' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

MAL-2025-357 Malicious code in airbnb-auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 569af68d5b2f70cc46c62d3be362723205c02819f13c60a456a6925c2f6d1dd2 The OpenSSF Package Analysis project identified 'airbnb-auth' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

MAL-2025-32 Malicious code in hts-open-dex-react-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 71bfac5a5597cde45524360e887ab5bed0c9e5b8c5337ac9c0728b677529de56 The OpenSSF Package Analysis project identified 'hts-open-dex-react-ui' @ 1.0.0 npm as malicious. It is considered malicious because: - The...

MAL-2024-8837 Malicious code in @warnermediacode/wme-theme-gelatam (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis aaf48e991eec02e4a2336deb7d55aa9bffd7867db6f927c1e12487170a208a41 The OpenSSF Package Analysis project identified '@warnermediacode/wme-theme-gelatam' @ 99.50.55 npm as malicious. It is considered malicious...