557 matches found
MAL-2025-4036 Malicious code in vue-dev-serverr (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a206a0d6714ab34f1c8c8d7893e516f6babb7bb3bb786fa679bde0c300e4815f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3953 Malicious code in inter-frontend-lib-util (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 20b043e0fa1aadc6d1e400a275d7c543cf31f466a312f5cd286fed159f700ec0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3876 Malicious code in codm-lucky-shop-pss (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 94fa7b770ddfee08869eed0cd92c1d8ab71d6c0d3a2c52f2cd4b7688f76a84f9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3928 Malicious code in xero_ruby_oauth2_app (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df775937f934e6eee2161d71e8e61cc59dab858b11abd32721c7bb957ab91ee1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3921 Malicious code in ts-db-indicator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9556592a185a149af4a877ac348199cd0c69faf0fed158075c976b00585f8a3f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3918 Malicious code in solana-web3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 87dd8c18d15d4abbb750627cb9dfec4be3cd3fa1e2ae9d2ac8113cc0597f43d7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3858 Malicious code in unipig (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fd7ac3cdec95558ed3e5a4e37325f492860d532de1cb8c3013e53a21ee441ffc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3848 Malicious code in openidconnect.net (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 25c68fdbe733e629344de7da078e67668a22362f0be388e127a2d2b603dabd43 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3834 Malicious code in imran-photo360-apis (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 50eee3813bcaa9eb9f2b3a96b47f8822b60b91073e385c5d3161fce029d42287 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3785 Malicious code in wix-pilot (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1ece1c13a8175e046cf322db45e66e2b92e54bcd72dcacc389a974c1bd7bdbf1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3801 Malicious code in vite-tsconfig-log (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d8e87c316d95bb1306ba575056c1036de186e9370217e5fdde12d1e13cc316ab Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3796 Malicious code in next-logging-patcher (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6bf5e5919b2540c762616d719c6fa3bfc0baa1dc65bb926ef097766659727298 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3751 Malicious code in @myop/react-remote (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 029683b35472b242040bc8c08dd99e2a8f26b63ed291bff700f7a06ef0eb989b Withdrawn Advisory This advisory has been withdrawn because @myop/react-remote is not malware. This link is maintained to preserve external references...
MAL-2025-3756 Malicious code in astro-scripts (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5eb39edf57f35aebc402844f0886c494159650bcfbb6faf113aad3c6a62707e9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3774 Malicious code in vojislav-web3-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ec0615ccf6220b2f71802d071574e6dd419eb49061805b9c05aee84eacc51df7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3765 Malicious code in harvest-strategy (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware de22b4dfdf724c0f8cba6b9451ea1743b0a7d6be1256a89d00ec7ae20c3ef901 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3670 Malicious code in antani-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8bc6ee4654a6ce0b1ac821dfabae9daec5d7ffc8149ea0fdb78a2230493cf4f9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3688 Malicious code in identityaccesspointsrv (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b7c91d904c61ea0d0dc69c3d616a5b6fc69014bc5694f175191f4f661a33341a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3672 Malicious code in @johndeere-tech/eslint-plugin-timbercloud-custom-rules (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 61308d7848e55b8e455ca17307d037a12cbcb121760bacc64d9f8b574c08861d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3693 Malicious code in outline-shadowsocksconfig (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ac9c30589865091fb269aa3d3071ffe0d15ca8b8a8848e0363d338514f8b89ca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...