15467 matches found
MAL-2025-48964 Malicious code in @gitlab-lsp/workflow-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 77c05dd20ff8e2d3c07051d2f1146ac86522b9a72a6964e27122c9dd02d4c7a5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48965 Malicious code in @gitlab-test/bun-v1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ac471c58a2d40a399987d96cf13593df041d1f3baa4d4e19e047d1090a931f6a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @gitlab-test/yarn-v4 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f274342e8c6f4a200134b68b571eb1eb5d9f01c5d28f5d445b0da3fff6808ff1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @aio-commerce-sdk/config-typescript (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 85b2c7fad2af3e611f7fe4d8399529e1b897e4ca8838e1a5db0a2c61acb4d998 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in typescript-sort-keys (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9936ccc8347b00204eae711ecf8b26d6d9444300021678c11327776463123325 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-49059 Malicious code in typescript-compat (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0acc4ba0bcbd7793656800efb10926d4044fa65326e8bee88e9b92d2504bc668 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in crowdstrike (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 11cd49b95ecfbbbeedc96c140184f8543c29b3a6b60688c32bb40459bd164a76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-49053 Malicious code in trezor-rollout (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6ddacc3033f82ae4ac26ccf3e7b622d3f3d7d8e04418bd1375f8770137641a7b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-49023 Malicious code in mourner (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f18af0d378a61144c08db151e716049e3382641abab5eb75718aca6c4fb19d00 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-49076 Malicious code in xo-validation (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4a2dc971622a44de97536e68fb7287ef32a7a1bdabe0d0386eadf248219cea54 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in xo-validation (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4a2dc971622a44de97536e68fb7287ef32a7a1bdabe0d0386eadf248219cea54 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-49055 Malicious code in ts-migrate-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 13c089f283eddbfd2554393c29fc93368e75a6329803352ed0175155f436915f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-49000 Malicious code in express-redact (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4f7506bc61afb104333b21673f4899d6ea5e6982fcb1be7623fafcb4f5580a7 The package express-redact was found to contain malicious code. Source: ghsa-malware a883eba91191de6920dc8a2f765112365ac2835f16dd0918d3750d99a89cc9e9...
MAL-2025-48987 Malicious code in bernie-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c3739c86097b3910a94bc6371b69d1febbec4d9b8849ec05212f62ec35cb163a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in chai-friendly (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d91de03ddaa79c1b3653f7324f3c8a2041bc2e0eb7082649efe9ee495d1a4eb5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in no-floating-promise (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 06870b1f839041e943ec19a9c8930d03b27e9fdfef7f3b79fe0eff1545dec2ad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-49032 Malicious code in prefer-arrow (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd4c923d3d6c399e77c6af5aa1cbd1e4712cb7bd89045f7ad31667227e6e3bd8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in fzreo-trading-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f88d8fd4cc0828b828f3a6fe64daf9b8dc84c84729972d2c17de5559ab96c653 The package fzreo-trading-sdk was found to contain malicious code. Source: ghsa-malware...
Malicious code in @jameson777/mytest8 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b156e6ec35304232881859a1a11917ad7244fcea63f2683ef1a381098858d9d The package @jameson777/mytest8 was found to contain malicious code. Source: ghsa-malware...
MAL-2025-48914 Malicious code in vite-manual-chunker (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2466db729b423d58b084a5f99834cfaf8c62af4179350ef30978e32f36b50fa7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...