Malicious code in @antv/event-emitter (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

MAL-2026-3879 Malicious code in @antv/event-emitter (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

1byte-react-design (>=1.7.1 <=1.14.0), 1g6table (=0.1.0) +1607 more potentially affected by unknown CVE via @antv/event-emitter (=0.1.3)

@antv/event-emitter NPM version =0.1.3 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/event-emitter and may be impacted: - 1byte-react-design =1.7.1, =1.1.0, =1.0.0, =0.1.1, =0.1.1, =0.1.0, =0.0.2, =0.0.9, =0.1.2, =1.1.43, =0.9.1, =5.0.48,...

1byte-react-design (>=1.7.1 <=1.14.0), 1g6table (=0.1.0) +1607 more potentially affected by unknown CVE via @antv/event-emitter (=0.1.3)

@antv/event-emitter NPM version =0.1.3 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/event-emitter and may be impacted: - 1byte-react-design =1.7.1, =1.1.0, =1.0.0, =0.1.1, =0.1.1, =0.1.0, =0.0.2, =0.0.9, =0.1.2, =1.1.43, =0.9.1, =5.0.48,...

MAL-2025-6946 Malicious code in pentest-event-emitter (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

Malicious code in pentest-event-emitter (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

MAL-2022-815 Malicious code in ac-event-emitter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b881c8ae7b1f025424e1588fb707b670163a23639f41dcccd759836882e423d8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in ac-event-emitter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b881c8ae7b1f025424e1588fb707b670163a23639f41dcccd759836882e423d8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Hyperledger: Enrolling to a CA that returns an empty response crashes the node process

If a CA server responds with an empty response during enrollment, an exception is thrown in the event emitter on end. This is an uncaughtException and causes the containing node process to exit. To replicate: With the attached files, run: npm install node badCa.js & node index.js This starts a...