3 matches found
Malicious code in dynamic-import-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security e6f301178847664c047f34b5ce64b443f6162b3a0c5113fed22a3a9d1bfcd793 This package installs a dependency hosted on a custom domain that runs an info stealer during installation. The info stealer focuses on...
MAL-2025-49028 Malicious code in only-warn (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bf31c0df9e000c5a762fa04ecbaf0f9dd09103bcf544ca0aaebd43193b096a5a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @js-to-lua/lua-types (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4ddfe717b22bb57e4e1887887c45646abfa625e1d566049a635b86193170cdf9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...