2468803 matches found
MAL-2026-6643 Malicious code in @reference-web/pmp-i18n (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa9fa64959cdfca9cd71a151253756f0ce40111abc40bdbbfcdab7032796f84e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6645 Malicious code in @rmlibrary/formatting (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d9bc486836758abd131ff67787849b4a1b293a61e7b3bfad27fa27cbef6fd33 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @partner-apps/ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 91a55f75e5401bc702943c887c3e72fb80f4a7f21bb34f65350fc54aeaf999d6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @rakuten-rewards/messaging-sdk-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7fc8243854c9528882d45c044a4a7c7ce2ad94143a84f135b2b98cb536ce2f8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @sentryx-libraries/auth-interceptor (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 774e35b0d1dd89d33c2121f90c2d7c3d6a8ecc7165396d63db9416c03c284250 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @multformats/multiaddr (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c3ff8f79934c43d48f410746d2fe1a9244365c8bac615e7552dcedbfae15b900 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @rmlibrary/formatting (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d9bc486836758abd131ff67787849b4a1b293a61e7b3bfad27fa27cbef6fd33 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @services-lib/application-http-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2f0c35f77748a968c410290c41c1525713b39103edc43ad32d326962c1c300d1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @reference-web/pmp-i18n (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa9fa64959cdfca9cd71a151253756f0ce40111abc40bdbbfcdab7032796f84e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @rakuten-rewards/messaging-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5881076c822a732d6344ff3614bf7437722ca46d9d5f5dbdf3105586fa078dd4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @live-backstage-im/communication-chat (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad217e6f53767b755ad267a2052b4bc35add8ba6cdb6532dfec034c83e3d3426 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6636 Malicious code in @partner-apps/ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 91a55f75e5401bc702943c887c3e72fb80f4a7f21bb34f65350fc54aeaf999d6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6630 Malicious code in @live-backstage-im/communication-chat (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad217e6f53767b755ad267a2052b4bc35add8ba6cdb6532dfec034c83e3d3426 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6641 Malicious code in @rakuten-rewards/messaging-sdk-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7fc8243854c9528882d45c044a4a7c7ce2ad94143a84f135b2b98cb536ce2f8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview @gm-rvg/root-config is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview @experian-shared/services is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious Package
Overview @huobi-ui/activity-components is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
MAL-2026-6622 Malicious code in @gallup/pc-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eca755b4cbe794ce9b1389cff974fb13df6325eeb2eb658ca64a7bb7ee734b8b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview @finantix/webcomponents is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...
Malicious Package
Overview @lexisnexisrisk/insider-threat-platform is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organizatio...