MAL-2025-6924 Malicious code in electron-test-main (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 64731d49ad099a9f118a9485fb5568a4f594576ed888e0bb96f7f278853ec158 The OpenSSF Package Analysis project identified 'electron-test-main' ...

Malicious code in @eooce/sbx (npm)

The package @eooce/sbx was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0c3f68a08af76f3c5412daa2b25a618ab31f5541ee496dec1392afedcf86ec33 The OpenSSF Package Analysis project identified '@eooce/sbx' @ 2.0.7 npm as maliciou...

Malicious code in @seznam-diskuze/embed (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 03c95e188163b615484b4882358ea8d4a9411661fa3bb701052fd608c8f6c4b7 The OpenSSF Package Analysis project identified '@seznam-diskuze/embed' @ 100.2.0 npm as malicious. It is considered malicious because: - The...

MAL-2025-6828 Malicious code in @seznam-diskuze/embed (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 03c95e188163b615484b4882358ea8d4a9411661fa3bb701052fd608c8f6c4b7 The OpenSSF Package Analysis project identified '@seznam-diskuze/embed' @ 100.2.0 npm as malicious. It is considered malicious because: - The...

MAL-2025-6825 Malicious code in intel-quantum-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis fa156b1cde9820ee0b03c5c4a594de333baa592c69177eb84a7c8ddf13963208 The OpenSSF Package Analysis project identified 'intel-quantum-sdk' @ 1.5.1 npm as malicious. It is considered malicious because: - The package...

MAL-2025-6824 Malicious code in facebook-for-woocommerce (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e0ca4dfebc7839330f25a231f2f87af41aef50ea715541751bef46a1709f045e The OpenSSF Package Analysis project identified 'facebook-for-woocommerce' @ 3.6.6 npm as malicious. It is considered malicious because: - The...

MAL-2025-6818 Malicious code in require-turbo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8b488e13ee585b7b97c9cba93c25b1a58678d591f8ef16720f812f047be16f3d The OpenSSF Package Analysis project identified 'require-turbo' @ 99.0.3 npm as malicious. It is considered malicious because: - The package...

Malicious code in require-turbo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8b488e13ee585b7b97c9cba93c25b1a58678d591f8ef16720f812f047be16f3d The OpenSSF Package Analysis project identified 'require-turbo' @ 99.0.3 npm as malicious. It is considered malicious because: - The package...

Malicious code in nestjs-datadog (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis bd646630e4e4b32350e3698792f7e678a5be4aa1167c630d0bef9cb4d491c441 The OpenSSF Package Analysis project identified 'nestjs-datadog' @ 500.0.2 npm as malicious. It is considered malicious because: - The package...

Malicious code in poloman (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0ddad11abce315f670c04e89d4e0adc1cd0b1bbd6a7de8d1715d74bf8d99ca4d The OpenSSF Package Analysis project identified 'poloman' @ 9.2.1 npm as malicious. It is considered malicious because: - The package communicat...

Malicious code in scaleft (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3b304783defab6618943757f6247da4093e044290fe48dcd911c3362d05502ad The OpenSSF Package Analysis project identified 'scaleft' @ 1.7.7 npm...

Malicious code in newrelic2-scheduler (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3859efb970b793e36e93f0e3cda03be2815529dc41f1595932a673f2766faea4 The OpenSSF Package Analysis project identified 'newrelic2-scheduler'...

Malicious code in newrelics-scheduler (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3486e95cd25ff7754e4027cbfa4d4e8fff553cc460471594141914a5d697fb8a The OpenSSF Package Analysis project identified 'newrelics-scheduler'...

Malicious code in @sangith/newrelic (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis df1e3a9bd21e4d7ca6ae9595850002d67806ca9fd408d068bad6ce3a8a4c2dbf The OpenSSF Package Analysis project identified '@sangith/newrelic' @...

Malicious code in c-monitor-dashboard (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f1ac5ace2c2268c16914bea284713d9bf69f2414d204cb79d4f32d8aa434b4eb The OpenSSF Package Analysis project identified 'c-monitor-dashboard'...

Malicious code in latam-xp-analytics-plugin-gtm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 333a48f2dfbcb9ab75608fb120182771732f71543d3bc13c3352b144b3022403 The OpenSSF Package Analysis project identified 'latam-xp-analytics-plugin-gtm' @ 2.0.0 npm as malicious. It is considered malicious because: -...

MAL-2025-6808 Malicious code in latam-xp-analytics-plugin-gtm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 333a48f2dfbcb9ab75608fb120182771732f71543d3bc13c3352b144b3022403 The OpenSSF Package Analysis project identified 'latam-xp-analytics-plugin-gtm' @ 2.0.0 npm as malicious. It is considered malicious because: -...

Malicious code in isotopet4s-layout (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 89341dbe7c72a6b4924313c2697d976b5570b3c9056de1b6ebf35ad41337387d The OpenSSF Package Analysis project identified 'isotopet4s-layout' @...

Malicious code in third-party-library (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0f1110748d4cb8dc4eb9d93bf92e8da0c61f4f1de420b3d738ed106689c7a1d9 The OpenSSF Package Analysis project identified 'third-party-library'...

MAL-2025-191809 Malicious code in packed-w3shi (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3d670904891ef361ef283e3f218f21b6e3758847277e8bccb0dbecd08b08971a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...