449 matches found
MAL-2025-4460 Malicious code in winstons-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c7ebc9796eae3ab4eb7380710ff205e061c750965207974c71dba9f0d8d2ae8b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4439 Malicious code in logs-buffer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 702e3497cd1d087860a5e171e17b44bba6ba6b7a62f38ff8a9d0e8fb2c8fc3fb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4421 Malicious code in ghpglobaldata (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 98f6628f3ea3766cb44c71cab1c1a8301235db7c97a186af48166d59c09863c7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4364 Malicious code in jitsi-meet-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ed3a4d9537f5433ddd49875099e7980ffc1235e32601d7b4d9f973254a43dff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4389 Malicious code in prettier-config-rth (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3baf2a5f3efec1eace5c6720887b40bd8a5019168357ff749e8eef0b03c4b2a8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4379 Malicious code in mysteryicons (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 761dd9bf68d296b54d1454be93f41203c905d2da690014d7ce8b029efecf0bf5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4315 Malicious code in codeword (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2aaf95d3c6934f346d9582d701dca64e259a66b0f2e42ed55c8c2b7096bf7af0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4278 Malicious code in node-facebook-messenger-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38fe2abbba605a3d0f5ab5869e1dc17d20562f1702817cf1c23057e9b3681dfc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4143 Malicious code in web3walletconnet (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3bd041cce75701566210bfe0ee2c05533985a2b8f887d5522e814d756ef86251 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in web3walletconnect (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e6379b5bb35b541783545d3399d145213c35e8db9351a2ba95b8ef457db094e4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4578 Malicious code in shaktihacker (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fe742c824848f300f6e3b49b60c5ccd47bb3c258769cc8444d8e87ca6a3404af Any computer that has this package installed or running should be considered...
MAL-2025-4292 Malicious code in @act-platform/app-sdk (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3567b231d7c053086778a968fabe2174ddda3fff11c78d9973d2827aaef8d4e8 Any computer that has this package installed or running should be considered...
Malicious code in grunt-mrg-enb-autoconf (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c04621f61f89e901d8cfe005449b45860ef03ccc63eee79c4250e31143c8169c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3979 Malicious code in act1on3-package (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 164d9728bc36bd4864ac4b7b0aeebb622de7f64d90dd5cdaef72676d16c43b5d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3987 Malicious code in dahsj (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d072d2d70e89afc954cb7842944683428ca842513777b08d00ca91b0865a5c00 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3991 Malicious code in fanotify (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bad587097321dd0862dbb332c1103171c68338080d4f4a935afd9ed80f56ba3f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3879 Malicious code in convera (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 56afe2801be07df7d5829b5645331e9da9e3b531e3bdc930c293a153272cf864 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3915 Malicious code in rollup-plugin-remove-import (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 230bae792624cf6834a21e884402488ab15faca4797c79b7312463de4faf0593 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in nodejs-fetch-proxy (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 80749ffba9365d62c589ea0137cde9db701626ae4ba97fc9f9149b61809ac107 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3817 Malicious code in auction2keeper (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a1265daa7b9386ad2a63a86ba2eb58d87c935540fd821d18d22d2c08e9a0e318 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...