15486 matches found
MAL-2025-5895 Malicious code in axio.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2bfe2ad5a0a19b2113a984106f8802f798b7545a802731bd8478cc635df4defd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in nextjs-package-purify (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e0991599608fe8c26ceb79529ca2da64d1dff01f67c36d2cccd92ff994f41fb6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5930 Malicious code in jsonslicer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7828f8e4816c129f466b6fffba2ed70b7560a9491a07ef71c158dd9a3029d54a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in grafana-strava-datasource (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c38acd1154b6064c05313534795a57d0d6e586cc8ebd1a6a353b4ccaa3b27465 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in shared-workflows (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d2e9e3bd8389efce3114016d94776de4d6947e98d829761b9bb1be64e02ff66 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in string-parser-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 748b70284192ad043f664c6c220fd7416d86a39d02bee5c30e6181172b814688 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5956 Malicious code in shared-workflows (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d2e9e3bd8389efce3114016d94776de4d6947e98d829761b9bb1be64e02ff66 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5950 Malicious code in pxsceneui-example-03 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7a2056080eb99ee23c3a6b2689ac55d696a6b788fb2030a60415a006ee3ab16 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5882 Malicious code in @vapc-ui/search-box (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0da3194dfccd7f133907c4365b33fd21321477bd320e54e9115a90f0076ece9e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in vitejs-plugin-refresh (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 243a4e663f29ec03aed634b87165dccaf6f345b2e1c92479b95ef6fd28474ba5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5943 Malicious code in notifier-loggers (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7c838abd608c5a94498f447a0d0421c940e32b2216a2b6357a45742c5dc29fc9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in heronumberone (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 44a7cf88992d75a43166e394a0faf68a3147180bab83bb0c6358bc6f64301ea8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5964 Malicious code in ui-router-cool-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7f8cdbad7d217500262088af80552709596ed86e414e2a6c3214b5a40efb8057 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5903 Malicious code in codecops (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0d42dbe570a6f14ccdfa5bdc48c64201847ef6414ea612b8f0a0dc6e6a0327ec Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in webvieweventtest (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 09cd6e6230cc73bbb40ce4f9ccd122eabff367f8c81c3586c848476a8e6900fd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ai-gallery (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 145c781619fadc0709819a31640a54b03263dc909ad7a622ebe40b764ba21048 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5885 Malicious code in ado-codespaces-auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware acd2e4a00a6fa99e47e9f10ae7238f2faaf2dd65d07678a4f33037a25ef636c2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @didi-pebble/pblint (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bb1531e6163d25b10b0a50538ba7b2462eea1da3199b5163aa90b8f5e4882e4f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5860 Malicious code in @yinc/ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 74db2471c4bf5c01eb2ac82689c8380eceda821e75fc6e60b1455306958ebe31 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5864 Malicious code in symphony-cryptolib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c8216b9fdde76a4f40936fd19fbe9a3a7d73dcf66ffdde04c6cf54ee965448b9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...