2048 matches found
MAL-2025-2561 Malicious code in chatbot-dashboard (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5af371ce3024a5ed217ff2baf8b2a9443cf92ae8a1993552e3679be6f83698a5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in chatbot-dashboard (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5af371ce3024a5ed217ff2baf8b2a9443cf92ae8a1993552e3679be6f83698a5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2560 Malicious code in n11-web-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 635a6c33b57671f2fb87f2c61834328fccebe10874b03573fbacc4b04c495fb3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in arnotest (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 64475736790097a8b2e30db87aa02796673e4a50b3af8e0d633eb261ec376983 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in yellowcard-styling-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 12dee9a88b4f374a8db73de73d255757719bcc1d3124dfe2599b3dbfe3a49d6d This package installs a dependency hosted on a custom domain that runs an info stealer during installation. The info stealer focuses on...
Malicious code in symphony-duplicates (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e54af5b1a89c7dc74174e2e2bd4c55e97073e7849853a7b67aa0503104e1b194 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in antlir2-docs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 580dffd4893c96ae46965b4244381b9fcc03d13cdd1cf32b89bb7a0eee2521e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ionicaiosampleapp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ae3e09f0b7537140686ef5504c21e18b301f44e502feb68aad99bd4c5346a876 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in whatsapp-sdk-docs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 788206c160622c7c87f5e0b19b4be9383f89a8918fa3aace86ec99350a06daa4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in starrocks (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d61ee110d66f318505d0819f7b6e5ebf2b3767911b91e2748bdf5a911decbcb2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in spot-the-station-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis eb32a10195bed4025536ad80a8fc81f68b24c95dc8f8db05358097fcb07bc613 The OpenSSF Package Analysis project identified 'spot-the-station-app' @ 2.1.2 npm as malicious. It is considered malicious because: - The packa...
Malicious code in k8s-deploy-action (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 84c86c15f129692c3b73b16951c9f12754789e3a5ea36e3e5d517e05c7e0231b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in messaging-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d9fec082e41ee10acbec950c120b5c9c4a3184fbe0ce6995a3da0356c826601e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @contraktor-tech/poc_confusion (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9fb8ec2fd9c3fd1eb30ca17367b62f932aa239c8b9209269913e9c88ea105536 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in bsee-shared-hmd (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 71df5f00c494508630b3f07f67a0db2756f8cd8d1228cf9ef41f5dc6f6b071f6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in customer-identity-mfe (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b4077d7dbb9f3ee9d04701dde8555a12f1b9437942c6e70540060d16e0288435 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in customer-identity-mfe-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3f4bceaecd0bf3f0387bb417a86c4c6e4f53764a6a38ce58717d12c68b024cfe Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in cb4good (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c16e1ebf21c15491517654d93507f4ac7ca8aa96e47403f10fd753ef7bcbca95 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in pixelary (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ed6e04cfdf17df0b3303f51acdf9e0e128361f17eef5fa028f6bd70d3436984c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in layouts-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 668d31349d49bb3ffdf31cb641b2829be6ffcae92877d17241a593565a0dddb5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...