2634 matches found
Malicious code in cms-helpgit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eb11c1d166cf4cf2726b7b89e77a41224b1abe19c6666ea0f06bdc06ebf967c5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5057 Malicious code in appkit-react-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 49e8fbd1c8061ffedb22f37a8fa90ca96d9830f45d7d318f421681c558aec29d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in argpras (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 40083a8e3e772fd09bb0fca7791e87c2b3edfefe3ad7495b34899b6a54b2b077 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5079 Malicious code in react-svg-animator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df0945fc4ef48dfcf552b844a84717606557a3d2ec592aa486a6f464eb290eb4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5071 Malicious code in gcp-api-enabler (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2a14212abcc7c3f9f662ffcc18752c5fa10f94d07ef3b7c820637eea7d02c3ab Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5050 Malicious code in @rsi-community/hub-client-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1809bcf5bcd98744f995fb8ad94581a2708daa99f40bf4e4d563e17c5c81b4b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5062 Malicious code in codex-devcontainer-install (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8248bf278df1e89da484099e912cdf9f8659976469a219bee14a03e2755391ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4845 Malicious code in @polka-ui/recoc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ebdab3116c10799ff2e38e53ee85ffe7d2fb61961d8e3924319030b12d2a516c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4802 Malicious code in xlsx-enhanced (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5196a5b8e1db8092bb735b33db7212278bd080b11315dab3eae15251655c22a2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4305 Malicious code in auth0-net-sdk-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9cf6a5c13db1c0846ba64abd842d9980dddd9c0d66d3497d549779ccaea114b1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in auth0-net-sdk-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9cf6a5c13db1c0846ba64abd842d9980dddd9c0d66d3497d549779ccaea114b1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in mobile-international (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 543efd73c4d2860379f7e412db8f3ddb33401c3788a2a18f5ec0648e33b51a33 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in pypi-build-verifier (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 43a9aa0e00091b0758de27e4e5708a572d91bcada3757f4ce7bc1a0b17cb2965 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4245 Malicious code in pypi-build-verifier (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 43a9aa0e00091b0758de27e4e5708a572d91bcada3757f4ce7bc1a0b17cb2965 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in webservices.rest-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c9c78a4d0c87def69bbc5337e41a730e7ca6ae898426759915f053dc584581c package.json declares both preinstall and postinstall hooks that execute index.js, which exfiltrates installer data to a base64-encoded Cloudflare...
MAL-2026-3830 Malicious code in @zentrafinance/contracts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 867d053632b3bcc143ed8f9f0f75a1dccdc210cede972e8006d698ef796793e5 The package @zentrafinance/contracts was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3833 Malicious code in zentra-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0e01d6a4a54894203355e9b44bb2489f91006985ffc2ea5d5650b172653cd76c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in babel-6-compatibility (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8087b9d84c49b5f44fe119e347d1fe658395eb8af859209bcf8884716692229d The package babel-6-compatibility was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3793 Malicious code in simple-date-diff-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fb5f213f91d456c5ac949bf0995ee5310b944a9bf102b429edec11a99cfb6bf The package simple-date-diff-utils was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3779 Malicious code in alicloud-pop-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8996db2a99f506044afe3fa7d1776936c419425988ce0adab16938e0b1c72498 The package alicloud-pop-core was found to contain malicious code. Source: ghsa-malware...