3437 matches found
Malicious code in tailwindcss-gustify (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1671650b65b4934845aada45f513b1bea7032ea94d90f9e1517e60bce563b621 The package tailwindcss-gustify was found to contain malicious code. Source: ghsa-malware...
MAL-2025-49380 Malicious code in chai-await-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ad46eab8b628ea50c737795204bf86f36069b9577310c833ea00a469024ec0b The package chai-await-test was found to contain malicious code. Source: ghsa-malware 47ca275095dc49120d03c89b6b2192f62339069acbd6717fc39d06c04c07037...
Malicious code in rbx-api-ts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adcdceb1d10e901a9b6e6666de7760a70b8a30d2e4f4230f37f089714d62227d The package rbx-api-ts was found to contain malicious code. Source: ghsa-malware 40b2b2f44e007e32202c67b4c33caf98936df9a60df7dc60e7163078fff8b7d3 Any...
MAL-2025-49369 Malicious code in tailwindcss-react-sass (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c6f72d8d64a8612b01ed58fa0bcacd97698a820dcf3b2ebf50dec6e23831065 The package tailwindcss-react-sass was found to contain malicious code. Source: ghsa-malware...
CVE-2025-43468
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989074)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989074 advisory. In the Linux kernel, the following vulnerability has been resolved: efi: runtime: avoid EFIv2 runtime services on Apple x86 machines Aditya reports 0 that his recent...
CVE-2025-43390
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data...
MAL-2025-49322 Malicious code in containerization-assist (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79aa72c875d99fe35db3e9de0382cc573aafe3a6a85d23ffcd7d6e47291e9f7f The package containerization-assist was found to contain malicious code. Source: ghsa-malware...
Malicious code in react-icon-pkg (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d8ba17d7a373063f5a6120fd27a52bb855006bd5f440ee5d2f287cccaeb6bd5 The package react-icon-pkg was found to contain malicious code. Source: ghsa-malware ce6d8c074bdec68ae646e31b821c3896f805e01c46c5464e8db624d09e133205...
MAL-2025-49260 Malicious code in hemi-viem-stake-actions (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1d9184337bc393349d525de921a714d1d1b7d49ccac08cc2d35ff378627971a The package hemi-viem-stake-actions was found to contain malicious code. Source: ghsa-malware...
Malicious code in soxhob-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f363c792232ff069ace1465cb749f1af3aaecf8dfac04cfd380891e6e92caec9 The package soxhob-client was found to contain malicious code. Source: ghsa-malware f87ebbd60bec6fb45dfb478c7a9bd94336690f19c4870e5ac5766c9d864a75ff...
MAL-2025-49043 Malicious code in sort-keys-fix (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6fd040f6b48ad761cb38f7172921ad9f1a82689c1ac612e6f936271eaf1f08d1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in xo-title (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9e05e0bfe7b552fd008c4ad64a4d0f2d0a842f898eb7ab753451781236101acc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in xo-shipping-options (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c21e6f808603d3ee1f0107b9f7e0a2fbf9f420f9ac6004090593f7fab29c6e92 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in simple-import-sort (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bc5caceb82a60c3342bf66bc4d6a60a268d94712079783637e89a40b6f374122 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in wdr-beam (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16487b4b3ab32616874e0d9510ebc6c9ebf957bccdd7bfe6e84d60e0d1b89cf2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in airbnb-babel (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83df14bbf64c6c5ea72bac62897bd2bec7ea1ae91217dd206286fc4e6ba8df40 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-49041 Malicious code in skyscanner-with-prettier (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 269ee691d4871e49dccfe0f756848ea5ef13360c6ff86d64bc7ddb718ac5d423 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in polyfill-regenerator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7d3f5ade208f63787145ecad7643a32b6bf4525494a136967abcd7d0ba2e720 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in trezor-rollout (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6ddacc3033f82ae4ac26ccf3e7b622d3f3d7d8e04418bd1375f8770137641a7b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...