GHSA-6JP5-HH4C-8C5H [email protected] contains malware after npm account takeover

Impact On 8 September 2025, an npm publishing account for error-ex was taken over after a phishing attack. Version 1.3.3 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect cryptocurrency transactions to the attacker's own...

[email protected] contains malware after npm account takeover

Impact On 8 September 2025, an npm publishing account for error-ex was taken over after a phishing attack. Version 1.3.3 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect cryptocurrency transactions to the attacker's own...

CVE-2025-59330 [email protected] contains malware after npm account takeover

error-ex allows error subclassing and stack customization. On 8 September 2025, an npm publishing account for error-ex was taken over after a phishing attack. Version 1.3.3 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect...

MAL-2025-46975 Malicious code in error-ex (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 59f26605a6bcebfcf57f0c0d4a5309f362ad7211b4bea412366a96e93a4db054 Any computer that has this package installed or running should be considered fully compromised. All...

Malicious code in error-ex (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 59f26605a6bcebfcf57f0c0d4a5309f362ad7211b4bea412366a96e93a4db054 Any computer that has this package installed or running should be considered fully compromised. All...