Malicious code in foundation.util.triggers.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83bf60b2f5ebff2152502dd84c2d1275fe67e6eb08d9ce2937e0bc3de9f113a9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5702 Malicious code in io.ox (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f943d7e85ce7b15cc0e8fa0f234c36503767f627e103ac8062d96f57504efbe4 Any computer that has this package installed or running should be considered...

MAL-2025-5649 Malicious code in @subdashboard/shared (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b9e3ee4d3e2596c958c832ed9062f00d7b03289fa32f9f3a5aacaf2a4974f47e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5824 Malicious code in securityresearchpocaplmalpkg (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b52864b8ab4058696fe0a34e9cdea2db8e1f9dec2fdb22fac1adeb4143cc63a0 Any computer that has this package installed or running should be considered...

MAL-2025-5642 Malicious code in open-source-catalog (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f3bfbe0348c0d5c8d07d2f1fe1b504717cbe1e2f686ce8d05381049ec4df11e0 Any computer that has this package installed or running should be considered...

MAL-2025-5720 Malicious code in protobufjs-protify-example (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8a1fc26bdc2549188a81eca766317ffb5fdf7c0f904db9df458c43a670a86951 Any computer that has this package installed or running should be considered...

MAL-2025-5681 Malicious code in cra-react-router (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b95c7c2198b6267e255cb12eb540477d4e18a5670ea43c3e0554eba957e80cfa Any computer that has this package installed or running should be considered...

MAL-2025-5634 Malicious code in token-renewal (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware de8c5eaca0b97fb9aad23e47e1d86057e671884d4b4f12781413b41d3d01e358 Any computer that has this package installed or running should be considered...

MAL-2025-5632 Malicious code in auth0-styleguide-website (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4ac62aa1f1cbfe11927a1bc4a54326be2b214f65a0d101d475bf45c44b0d96f4 Any computer that has this package installed or running should be considered...

MAL-2025-5631 Malicious code in canonical-bridge-ui (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e38c4c4332b7b6efd48d2c9360444d99754e398a49f7099e1d7a5cef7fb22358 Any computer that has this package installed or running should be considered...

MAL-2025-5795 Malicious code in sentry-eslint-config-internal (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d9ba8b7f921d459f28baff326f2eb32b49ed229eb7e2d551526035c8fcb2b420 Any computer that has this package installed or running should be considered...

Malicious code in on-off-ramp-demo (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2b6976f60e83349939cda55fa116d6f3df6d085aea3969653b767ba47863deff Any computer that has this package installed or running should be considered...

MAL-2025-5619 Malicious code in old-header-parser (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 315f759e577d29f8c6922c09f69169b191d3c8886bae205c9d3925d4a366688d Any computer that has this package installed or running should be considered...

MAL-2025-5618 Malicious code in mre-layout-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca72674752dda2346e914163e1a4ce3dd2a83b813747ebf2e4330596b0afb2c8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5669 Malicious code in baglass (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 913b103a92c5fcd2b5407e2a094f43906f9c214bda154709f691ba0bc2f263e4 Any computer that has this package installed or running should be considered...

MAL-2025-5804 Malicious code in baileys-cleaner (npm)

The package communicates with a domain associated with malicious activity. It archives /home/container & exfiltrates data to catbox.moe & Firebase, including IP address. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware...

MAL-2025-5705 Malicious code in lunasec-sdks (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 30db7cb288f3beca8f5d1a2fea732e95b2d3c3e391211e7efd835f0cd960e2f9 Any computer that has this package installed or running should be considered...

MAL-2025-5592 Malicious code in comcastapp (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 31612a7938787ffe91079ad30056051f31a068066752a935bc2123267f409730 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5612 Malicious code in grafana-lokiexplore-app (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1cc39d2244f7b9883cfc8aab3dbe6a56ff2c2fc6469f5b351b1321c1670f261f Any computer that has this package installed or running should be considered...

Malicious code in hardhat-deploy-notification (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d2081250ac75574ee18ddea2caa510104e94d2673de1ad4fa445d96559d2a1f4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...