2468740 matches found
MAL-2026-6628 Malicious code in @img-hls/vtt.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad530c5830e0148f1b5b34ac28336c1b1468d5a11ffa2ff265368e13199cceb4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6616 Malicious code in @druidsoft/botframework-directlinejs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 34ac6d117d0531ed668bd8df71233c07089b14c644a9403ee479976d75951fcb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview @e50/utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Malicious Package
Overview @druidsoft/botframework-directlinejs is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization a...
Malicious Package
Overview @contenteditor-shared/content-editor-common is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that...
Malicious Package
Overview @orbis-lr-sdk/orbis-lr-sdk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious Package
Overview autotel-cloudflare is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview autotel-devtools is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in @partner-apps/ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 91a55f75e5401bc702943c887c3e72fb80f4a7f21bb34f65350fc54aeaf999d6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6630 Malicious code in @live-backstage-im/communication-chat (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad217e6f53767b755ad267a2052b4bc35add8ba6cdb6532dfec034c83e3d3426 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @rakuten-rewards/messaging-sdk-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7fc8243854c9528882d45c044a4a7c7ce2ad94143a84f135b2b98cb536ce2f8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview @partner-apps/ui is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview @oec-settlement/react-router is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
MAL-2026-6645 Malicious code in @rmlibrary/formatting (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d9bc486836758abd131ff67787849b4a1b293a61e7b3bfad27fa27cbef6fd33 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview @rakuten-rewards/messaging-sdk-js is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...
Malicious Package
Overview @settle-sea/supporting-documents is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...
Malicious Package
Overview @sentryx-libraries/auth-interceptor is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization an...
Malicious Package
Overview @live-backstage-im/communication-chat is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization...
Malicious code in @rmlibrary/formatting (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d9bc486836758abd131ff67787849b4a1b293a61e7b3bfad27fa27cbef6fd33 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @live-backstage-im/communication-chat (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad217e6f53767b755ad267a2052b4bc35add8ba6cdb6532dfec034c83e3d3426 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...