MAL-2025-3619 Malicious code in dayjs-plugin-duration (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38d6c09f6f8900e2be647537f5342bb545a0ee4b4affee0e47006cc43da3d489 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in dayjs-plugin-duration (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38d6c09f6f8900e2be647537f5342bb545a0ee4b4affee0e47006cc43da3d489 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-2065 Malicious code in @realty-front/dayjs (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-7079 Malicious code in @ozon-shared-deps/dayjs (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-1029 Malicious code in ember-power-calendar-dayjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 71ddea44645d593def41662f97e74c980145082e9cb59e599c1e14a713eb2258 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in ember-power-calendar-dayjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 71ddea44645d593def41662f97e74c980145082e9cb59e599c1e14a713eb2258 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview @realty-front/dayjs is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this packa...