MAL-2025-2639 Malicious code in @sf-intl-map/pc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 61a2d90c24241bf2e76297e783ea1e7b7672cae9934a46ce92fc661a72786973 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

NCSC Releases Post-Quantum Cryptography Timeline

The UK's National Computer Security Center part of GCHQ released a timeline--also see their blog post--for migration to quantum-computer-resistant cryptography. It even made The Guardian...

MAL-2025-2473 Malicious code in shorterapp (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5f5eb942dbb6cb91bfe5e28567482dbc8642287b5e070aa027795d9bc79949d3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @sheingroup/justakiss (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dcd17fcad0f2896dfc1a21c4b0e65d0db6a1deae574d2ee5f8a51b31309b3290 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2313 Malicious code in freezelists (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 50a6c5552bab08c7bd48024aaf770fee35eb596693593ec7d937909e6a672dea Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2242 Malicious code in bastion-react-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7b653fe85132d2b38f6455a8b98a9d59deccd8982eaf7c9e13d97d1037dbc6a4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2264 Malicious code in linear-open-issue (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1a73eff632d074d970750852ec6e11f70aff4d2291553664b9f84289a189191e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2137 Malicious code in v1ue-custom-widget-template (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3f7e56b04ae3ca44fba371adba340a3933b9fb3e7899bc2da0a2c868373970b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2131 Malicious code in toloka-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5c7326d0e79737f24ac6ba12b7f58459b7aa76c833af0bffc5791d2ef4f1a1ab Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in package_events (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 74ede61665484ec6970f2d593a4363c19f20c93d1691ce47bbf4f7e6e1a8f3ff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1570 Malicious code in all.en.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c395f6ed37dd1a8e6b2b15422babd65aa6c8f28456ef07e8951ac7ede5c47173 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1436 Malicious code in pionex-main (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 920e3da8486469505238abd948067c96de94fbd869e6732782e06809f4fd7902 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1457 Malicious code in yizhifabao63 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8e401203ed8c584cdb95319e5420fa866fc2bfc7c74af5da32079aec65289308 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in orange-meets (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 37037d337633f63999cc9026f347d4542faaf8a86bc78184e98a7031c17cfbe3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1375 Malicious code in pmmmwh (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 61153050710afa63f182defea4220d45b2a3d6a8aaf0c059d892d9deee856b6e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1077 Malicious code in com.unity.services.core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 570e09325b7eeead7439db1cd6a223b5de2ddab48982af7bb43957a6c48d9069 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1137 Malicious code in k6-es6 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9283bea57aa9a22d9519e64d8cc610d3f2bb793709fadccbf94036a797d9ca58 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1115 Malicious code in dna-mbc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4919122f5b393650aa18a1db8740d7a79cfa480059256e2c386c52ab0a1c8405 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in base-encryption (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1207f649c31fa807ecf3baa35f5f0226da4be187d7c3081ff90e449306df094c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1074 Malicious code in climate-tokenization-engine-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c6c54fe1dfe0ee0595094f7b5480bc0761286fb1ad1460e48b4eb6be7e274f52 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...