6 matches found
MAL-2025-47311 Malicious code in ember-velcro (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eb2c22cbb7ab559c0ac1e61418ae224e561beacb9571166240b4c5249a098dbb Any computer that has this package installed or running should be considered fully compromised. All...
Malicious code in ember-velcro (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eb2c22cbb7ab559c0ac1e61418ae224e561beacb9571166240b4c5249a098dbb Any computer that has this package installed or running should be considered fully compromised. All...
@crowdstrike/ember-toucan-core (>=0.3.0 <=0.4.6), @frontile/buttons (=0.18.0-alpha.5) +13 more potentially affected by unknown CVE via ember-velcro (=2.2.0)
ember-velcro NPM version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on ember-velcro and may be impacted: - @crowdstrike/ember-toucan-core =0.3.0, =0.17.0-alpha.0, =0.17.0, =0.17.0, =0.17.0, =9.4.0, =8.3.0, =0.1.0, =0.0.4, =0.17.0, =0.0.4, =0.0...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Malicious code in @ember-velcro/monorepo-root (npm)
The package @ember-velcro/monorepo-root was found to contain malicious code...
MAL-2025-42485 Malicious code in @ember-velcro/monorepo-root (npm)
The package @ember-velcro/monorepo-root was found to contain malicious code...