MAL-2025-41423 Malicious code in @navancorp/angular-web-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c94679c1658a3cfefa49daf06a90a50daeb480069b754976a6f72efa2e4e1d44 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-41426 Malicious code in @navancorp/icons (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 00d23863df2bb18ff4d7478d9d974206ad5e1959e64da8883e6623a5747b4ad3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-41260 Malicious code in catflix (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d0f682b0d66f1100534a823b754c3bc096ac54a5142489698fc5589813699d9e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in solana-fb (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0839c4c8b190db2ec7281e182850ddeb8cf94eec0450921f406255674f1c2470 The OpenSSF Package Analysis project identified 'solana-fb' @ 1.2.2 npm as malicious. It is considered malicious because: - The package executes...

Malicious code in testnpm369420 (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f95d0c4a710a2f6a2f8a29a9284d21da506dbbd15c745165497b7761275bccd2 The OpenSSF Package Analysis project identified 'testnpm369420' @...

MAL-2025-41249 Malicious code in mv-hosp (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4952f8c63bd825b267e27af4ca78405659c40fa6b10ed3687573b348a92c690a Any computer that has this package installed or running should be considered...

MAL-2025-6973 Malicious code in flatfox-api-python (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a81db9eb6d8c8eb51eecf49610e1282097b77630ccb58b6eef3e2f002e5fe0e2 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2025-6896 Malicious code in com.db.spain.common.fif.ngx-fusion-ufe (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 30f0038c395e91d1add11ecd9f7f4784ac0fdf7c472e6ca9003c3d69ae35e031 The OpenSSF Package Analysis project identified...

Malicious code in com.db.spain.common.fif.ngx-fusion-ufe (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 30f0038c395e91d1add11ecd9f7f4784ac0fdf7c472e6ca9003c3d69ae35e031 The OpenSSF Package Analysis project identified...

Malicious code in eslint-config-i18n-scan (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 201f83a69c354c3a004e8b9fd7a778bba4540bc35b88fe6eeaac043b0d6dcd18 The OpenSSF Package Analysis project identified...

MAL-2025-6947 Malicious code in personalizationtrkserv (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4e171fa4d76ea31b32b21ec8efae81c75a65d7adcc42a621c06cfd5406110131 The OpenSSF Package Analysis project identified...

Malicious code in commonweb-flow (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0062bd72b843a0cab680d5655259ce9502b602bf366057232de9469f99b853e3 The OpenSSF Package Analysis project identified 'commonweb-flow' @ 10.11.0 npm as malicious. It is considered malicious because: - The package...

MAL-2025-6894 Malicious code in commonweb-flow (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0062bd72b843a0cab680d5655259ce9502b602bf366057232de9469f99b853e3 The OpenSSF Package Analysis project identified 'commonweb-flow' @ 10.11.0 npm as malicious. It is considered malicious because: - The package...

Malicious code in gen-studio (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 75651f44d228425603e123afc19ebe54f8701a76f7c4325cdb00545156df506a The OpenSSF Package Analysis project identified 'gen-studio' @ 1.1.2 npm as malicious. It is considered malicious because: - The package...

Malicious code in appcenterclient (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1bc657665525c8990a4f9ac5c4f30181a8593678337e7f78667dfdba06d44922 The OpenSSF Package Analysis project identified 'appcenterclient' @ 7.7.9 npm as malicious. It is considered malicious because: - The package...

Malicious code in @hornetsecurity/angular-pew-pew (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 28e7be23ba9caf66d89c4659d66001871cf1901098bdab6dd4dd8630d476a991 The OpenSSF Package Analysis project identified '@hornetsecurity/angular-pew-pew' @ 1.0.0 npm as malicious. It is considered malicious because: ...

MAL-2025-6890 Malicious code in @hornetsecurity/angular-pew-pew (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 28e7be23ba9caf66d89c4659d66001871cf1901098bdab6dd4dd8630d476a991 The OpenSSF Package Analysis project identified '@hornetsecurity/angular-pew-pew' @ 1.0.0 npm as malicious. It is considered malicious because: ...

Malicious code in aog-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 741266c7bad6d1e60680d0242b4f212454b09ca9647a683b5b314b262760943d The OpenSSF Package Analysis project identified 'aog-lib' @ 2.2.4 npm as malicious. It is considered malicious because: - The package communicat...

Malicious code in coronavirus-calculator (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d30c7b91e8bbf434aa10762bff4148e83d80a714b10456cce7ba248b85021dde The OpenSSF Package Analysis project identified...

Malicious code in solana-spl-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis abc65f4de1b50248d903c79cb67ac016c8da464314e5830c70dbe0a1140503a9 The OpenSSF Package Analysis project identified 'solana-spl-sdk' @ 0.1.1 npm as malicious. It is considered malicious because: - The package...