2038 matches found
MAL-2025-48527 Malicious code in mediapipe (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 57f014791ef493e45eb5be6a2972ae2da1ea71d89b02ad886242a01dd616626d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in src_components_qcreport_index_tsx (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8f986d5a9a1aa2f94ee01161e75bbf71a7367b9fa7f1a00f86ca9c55cc73b655 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in helosifjowe2342 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6ff27da2ff03d6b016cef58dfffd401cb2f19e84cf787613903f36a4b834a7c3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48451 Malicious code in helosifjowe2342 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6ff27da2ff03d6b016cef58dfffd401cb2f19e84cf787613903f36a4b834a7c3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48450 Malicious code in cp2-shared-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e522530df817242e07e68b2cb283eb4e70763b4ba8d248c97791fab28dc67887 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in cp2-shared-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e522530df817242e07e68b2cb283eb4e70763b4ba8d248c97791fab28dc67887 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in hyperion-react-native (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3b9ccc060b3a05f5422ec317fc83c828522f43b1b0b2ce916d1c5d72bf082366 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48433 Malicious code in corp-ais-client-my-channel-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6a5c6a2e2c6632d11abe65b902c4dee848386ec4240aba0fee8f76983ac4ff56 The OpenSSF Package Analysis project identified 'corp-ais-client-my-channel-lib' @ 99.9.10 npm as malicious. It is considered malicious because:...
Malicious code in company-browser-package (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7621dd08044aeaacb68745078c793611d91031eb9852f8f667f739d485efe939 The OpenSSF Package Analysis project identified 'company-browser-package' @ 99.9.10 npm as malicious. It is considered malicious because: - The...
MAL-2025-48434 Malicious code in internal-plugin-lifecycle-card (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 332aa89488a5ecb7012588f98648ef97de374565f906dfc69ff80d4d344e9a03 The OpenSSF Package Analysis project identified 'internal-plugin-lifecycle-card' @ 99.9.10 npm as malicious. It is considered malicious because:...
Malicious code in enjin-docs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 24afa8ea540d65aaac41e9b8290ea35057d333217eca4a50410143aa9e993bd4 The OpenSSF Package Analysis project identified 'enjin-docs' @ 15.2.0 npm as malicious. It is considered malicious because: - The package...
MAL-2025-191862 Malicious code in saintone (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d762a42d55901a472c7070197cef989428ecb0140acfe02c72d719d74b430436 Code downloads and starts an executable widely recognized as malware, then sends some results to a Telegram webhook. --- Category: MALICIOUS - The campaign has...
Malicious code in cloak-withdraw-proofs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 17382cbc158577dc1c35d32d1620e4992a2570006e2986e5701fa324a750b99d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48317 Malicious code in cloak-withdraw-proofs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 17382cbc158577dc1c35d32d1620e4992a2570006e2986e5701fa324a750b99d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in my-unique-package-here (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 19289cab4482d99ed5e7a74abf6e380b1336b01b89502d23f3a63398b077f128 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in vue-analytics-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6264af628cc0d76e732dffe05db10a0bd52bcffaad0549e986349c8fc542cf79 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48312 Malicious code in superbet-icons (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 45a9d250491e6e1730c0d00d3f235091fccd078ad4ed75002897332819f9317d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in wt-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e2d85a0a81bf32d87da2b57522113cf28e122344c75d7055ea5d5116d63f61e4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48092 Malicious code in @aviatrixdev/flight-suit1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f67f0297879682bb09001ab95a186ca13c641603c6a4694b81972b68d8a7b55d The OpenSSF Package Analysis project identified '@aviatrixdev/flight-suit1' @ 1.1.25050 npm as malicious. It is considered malicious because: -...
Malicious code in @aviatrixdev/flight-suit1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f67f0297879682bb09001ab95a186ca13c641603c6a4694b81972b68d8a7b55d The OpenSSF Package Analysis project identified '@aviatrixdev/flight-suit1' @ 1.1.25050 npm as malicious. It is considered malicious because: -...