4609 matches found
MAL-2025-109 Malicious code in uber-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ddfbcc0bce009349873248f526418b14cb9c9f9b575e74b3fc1787fda4af9b76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-107 Malicious code in uber-connect (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4b42422c68e4256dc883e7d5e02350870cab3c0068d92985ffa4c4bc4ab43df8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-106 Malicious code in uber-auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 514527f85a2deb8975f95374694c5dc8a3d09d328d3cb7adc36ea16d071367ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-100 Malicious code in reqests (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 42036342744aae89af66ec705147456c19ef5f7f242f7d91251ca0bac5fe12ac Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in zqdl5551 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bbd5f002e9be6ed643e4f041658ca89255b5c1a056c671f58ff4d1ef4257e908 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-116 Malicious code in zqdl55513 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8a623c3e69f707a5c5284a6e298d4d5149c282064e65985928f1277cd258d87d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in marked-cs (npm)
This package deploys Windows gh0strat malware via VBScript --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 82f49714fc5f2d734162fbcc4c7c4552ec6d6e89b81109ba8652c3d057686022 Any computer that has this package installed or running should be considered fully compromised...
MAL-2025-39 Malicious code in dexscreener (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 294308d3c6b462aa1ed7e43894f66f1fefe347cc188fd9a360649f1c03b0fffc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-41 Malicious code in solana-transaction-toolkit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 786862cc5bb54e2a1b9307f03e4cd67b11a7325ba9c251b3695b08d8e3383c58 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in tree-sitter-strings (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fbacf70d3997892f49d729cbc0db29837ec65744402a0ae0c62460813e7f254f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in lambda-demo (npm)
This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 70fa7a653e95d7b948968c1605f557ae4f569e78a26d160f8768a44bca1b6f5b Any computer that has this package install...
Malicious code in babel-preset-app (npm)
This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0c7766597c4e69a6b6b08fb89e552f8cff845299eb1b612ef107e5f3fcb96156 Any computer that has this package install...
MAL-2024-12168 Malicious code in @swiggy-private/js-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 28f9c99a4cfb99b75348c0637a5dc82c5b445fc5093dfc8b0f943ce32c42d11a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-12046 Malicious code in tiktok_embed_v2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cedd877746749d5c38833b338e2e72d91bc521f21eaa22de4fa05aca509fa7e5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in yapi-to-dts (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 19ac9578e805bf62c4ef65a0db4a50d37e5fa4953caa1e4774265c4f5d86277a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-12022 Malicious code in pnpm-run (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d39da4628840938cc4d6581c772a1f0039a45ec515eb70d692ec5032b15ee087 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11999 Malicious code in manajemenservice (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 00f781e5ec61ec2d725507626667d8de0819e01e64f92bcd3d1b5232b99df76d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in easytint (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6e5495864d81fba85645e204088cd7376227401f94eb66f80f2189223f3e167b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-12037 Malicious code in self-qualification-dialog-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b4a2fa187ce4ea9cd50008e9f7fd8e2486ba13b990e3111ced9bcd9a762e5cdd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in client-analysis (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b972deca5352be5ff4ad1c1ca8d1b1da5c8f7f124ff1202510ecc3136ab617b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...