15487 matches found
Malicious code in dependency-conftest (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8aaa3faf1923724759fdae15904fd1769602cd6b493cdffa30ca091cb19fa3a8 Any computer that has this package installed or running should be considered...
MAL-2025-4555 Malicious code in dependency-conftest (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8aaa3faf1923724759fdae15904fd1769602cd6b493cdffa30ca091cb19fa3a8 Any computer that has this package installed or running should be considered...
MAL-2025-4577 Malicious code in reacts-gh (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4f438d6df955eb639b0090cb670175f993ce6f6e5ce1f8d1926d236447864460 Any computer that has this package installed or running should be considered...
Malicious code in winstons-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c7ebc9796eae3ab4eb7380710ff205e061c750965207974c71dba9f0d8d2ae8b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4449 Malicious code in rainbowkit-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83ed1e8adb99f97a9039322cfdd84d79db451f0945c567837f21ecb05d6fc49b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in iokit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a0809d84edd6d3d9ba71ac05151f2564c41a8d94a6e8ee6b57d8237de7ba7720 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4438 Malicious code in iokit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a0809d84edd6d3d9ba71ac05151f2564c41a8d94a6e8ee6b57d8237de7ba7720 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in web3-evm (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 47f8566107060326567a6d66ac66f3c457f9a24142c7c3694200e07af63e9e27 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4434 Malicious code in expo-blob-util (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2a5aeaddd3e10a478c22aad8b7c9c33e937d34c05df63b23d331e509b44028c9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4441 Malicious code in ml-preprocessing (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 449fa18004b9f5016f86ea6f5c97358b4ca5263d4649325b946379ca51610f63 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in vnc-viewer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b409d2b1ea3535147d71ddf23425fe3fe4d437ce0d5af96f32f80c094bccc009 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in mx-admin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 53bb09097c08dbb2935066fba5cd1b4bb5c50abd404864db6bb6c1119dfdad7a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4436 Malicious code in fe-second-party-pkg (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2bcbac1a3c8c63cd47005ab85c88ef2933e702844df4a607f5f54157c0a2881b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4444 Malicious code in mxc-klinecharts (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c79272f6f70f9c9bb5fd7c93c139322148f3fe12787d784e9e7e8530dc002134 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4437 Malicious code in hibernate-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0ba5c88bd8432cb5249a0abdf018e4b4c5da5068923a451703ae35d409b16414 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4431 Malicious code in catalog-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2b8c5db0f6aa2b0836f3971d1e9520ad4895f5c5678b97abb13f89b103a19e3d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in vega-embed-v5 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5f598c2282a0fd068c54ef02bd7ee8232523d615d6a0144b450e6002b0c95ab5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
A Survey on the Safety and Security Threats of Computer-Using Agents: JARVIS or Ultron?
Recently, AI-driven interactions with computing devices have advanced from basic prototype tools to sophisticated, LLM-based systems that emulate human-like operations in graphical user interfaces. We are now witnessing the emergence of \emphComputer-Using Agents CUAs, capable of autonomously...
MAL-2025-4425 Malicious code in blocks-nextjs (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1ae607db145f1ae39e7375c25cd19509f7f82eb76be82e74ff5cc37650ef27ba Any computer that has this package installed or running should be considered...
MAL-2025-4568 Malicious code in mergify-browser-extension (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2d8f2de81952e94086d23e94decb4b563c67c4a2022666fae6a869278e07c0b0 Any computer that has this package installed or running should be considered...