MAL-2025-313 Malicious code in social-previews (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fab6484159a8754b4345d5eadcd2182865514fcfa93f939fe2999845cf79a803 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-305 Malicious code in sdk-coin-avaxc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ae63f0d13a276525ec64ddd6d3b51601a6bb091953e45d505ccae7e2778574c2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-295 Malicious code in eslint-config-atlassian-fecq (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2dec5c0511ddd42ff4442d47dd77fed92c193dbb7a478850e568766c16d79986 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in calypso-eslint-overrides (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 04e56d5029c9f673038593248e7a19047892f45f4344d5a98af273acf9d2a358 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-278 Malicious code in calypso-build (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b98eff47a4acde03f525440e1a5b4a46bb09d9766422550e449954a95d3cb607 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-275 Malicious code in calypso-analytics (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7a0d93c1dc6f1cd8a005ffa7ea9a14f93a6356c3f16ff57104235ec0aa641bee Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in prem-fb-downloader (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5fbb6df275aa4fd3a58792cb72b230546beeaa2fe12aae5f63ed5d516907fdf9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-227 Malicious code in prem-ig-downloader (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 06c4a6771ffd4d3e9e4aa7f3e6c28ae1761be07ad176869dac7a5067d9d9378c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-240 Malicious code in slack-opsgenie-alert-creator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c4ba569087e246077cfd861faa831171f4bcd9836089fa812b7cc5a7f7c084b1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-199 Malicious code in kubeflow-pipelines (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b48fb3f0a2da611129fdadc65a4bb98ea67f4427bf3f7707de95c4b80ccb8eb8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-219 Malicious code in podium-pride (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5abcc917b2c3c387cbb0096d57ec3b264785aa5e13f0fd89e57133b7c30c820c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in bbc-http-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 607310f08b0c054bccf0fd5902e86de74b458d5c11110bdb411ac30b04c0db95 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-178 Malicious code in dbx-js-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a2191dabfd9180ad79d00f6678faee7b75417b6a5ee484798bff290a81fa0d56 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-256 Malicious code in vscode-tcf-debug (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 081bab0ec2ee34f3590622d06dc898c469bd03a5919b3f05c6637e0744439f59 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-212 Malicious code in nr-reports-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83a07c3a21ffff09fba609e9879fbf9abb20469637967f526c6ef288a5bfeeb2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-182 Malicious code in dotgov-list (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 474b190c86043a8da1444eb865e6a6214a6aed8aa0fd62aa37726ebc44850bd2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-183 Malicious code in emoji-datasource-google-blob (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3653a56d9d36fb380b98090ef118578ceed822d7bb1ab1a62d6a18fba5ed5b2c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-254 Malicious code in uber-direct-js-sdk-examples (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 30ee8294ed2bcf683f478b647f9919d6b45e0651905c29ada14a3ce392168447 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in 3cx-call-control-apps (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca09aeb5dd1513eb46048a6987f18b72f8c9f52ba8340cefc8521c2138be8503 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-129 Malicious code in jssdk-infrastructure (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 80c132d5e9d9ea8c65f7c252909ff66d20a611adce2c58734305e4fe06254319 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...