2038 matches found
Malicious code in @imou/web-front-basic-alg (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a09a2b21767c80d9ac4dee1814eba71363cbdaf62aace137c60392788a16ad8f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47871 Malicious code in trendwatch (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fdcc4e365d2552163150eaf2fa138c0275533d653441752a4eb49ac5087100fc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47818 Malicious code in com.unity.2d.psdimporter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 988ab6368c4a52337e54f822f3ec3a86cefa2611329d86d870b14d0168dcabc2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47819 Malicious code in mahmoudtest (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 72d145d1c87ce8ee88e57350f32db7041f4a990fa68d1cba09cf285ef03959a8 Any computer that has this package installed or running should be considered...
Malicious code in rsi-configuration-module (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9a9a3e53f5018108f5ce8abbccd7313ccac30e61c7985e5d7d90291c30299957 The OpenSSF Package Analysis project identified 'rsi-configuration-module' @ 1.1.2 npm as malicious. It is considered malicious because: - The...
MAL-2025-47605 Malicious code in zeitwerk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware acaf25aadd93141e9b88e577ad36d4e831f5fa1fbe92d0e8a97fa23404a75214 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47511 Malicious code in across-indexer-monorepo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b8fef241ea15f212acce31cd8bcc9d561a7f8a55c8367d778cca91c189d8a3a7 The OpenSSF Package Analysis project identified 'across-indexer-monorepo' @ 7.1.1 npm as malicious. It is considered malicious because: - The...
Malicious code in across-toolkit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9dcdfc6a9dc7db63bf70744266f75c8200349bb4332b36dbc8319caa1df15e31 The OpenSSF Package Analysis project identified 'across-toolkit' @ 9.0.1 npm as malicious. It is considered malicious because: - The package...
MAL-2025-47512 Malicious code in across-toolkit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9dcdfc6a9dc7db63bf70744266f75c8200349bb4332b36dbc8319caa1df15e31 The OpenSSF Package Analysis project identified 'across-toolkit' @ 9.0.1 npm as malicious. It is considered malicious because: - The package...
MAL-2025-47509 Malicious code in syf-api-legacy (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a990f780ff2003775ab94c7c9d7b8cf3cf81b631fb625b0a827abd24076e9e1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in syf-api-legacy (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a990f780ff2003775ab94c7c9d7b8cf3cf81b631fb625b0a827abd24076e9e1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47459 Malicious code in libvirt-python (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c2071f9220268a6478afd2c0c3f551190b1ac0eec255abc1d5e1dbc35744e5e0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in libvirt-python (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c2071f9220268a6478afd2c0c3f551190b1ac0eec255abc1d5e1dbc35744e5e0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47427 Malicious code in tml-footer (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 00452b25be1612714f1d3a1de19a9429e6d4f1d0c2450103ce3791c2d27ff72a The OpenSSF Package Analysis project identified 'tml-footer' @ 99.9.9...
Malicious code in tml-footer (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 00452b25be1612714f1d3a1de19a9429e6d4f1d0c2450103ce3791c2d27ff72a The OpenSSF Package Analysis project identified 'tml-footer' @ 99.9.9...
Malicious code in veilcord-tls (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron aed8328880d0c346cc1c0c9d51602617be4ea88a7a23878b68164484949555b2 This package decodes a payload and executes it whenever it is imported. It seems to be targeting veilcord package users. Its contents are almost...
MAL-2025-47391 Malicious code in @pc-analytics-filter/core (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fdfc2209384455df77ab889ef6aa71c136ff6c7c2f43bb529d93568e71917d2f Any computer that has this package installed or running should be considered...
Malicious code in @pc-analytics-filter/core (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fdfc2209384455df77ab889ef6aa71c136ff6c7c2f43bb529d93568e71917d2f Any computer that has this package installed or running should be considered...
Malicious code in threads5 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8effab70875949584b7a99cee5c411c985858f88765f3301ef6621e4a609fe55 The OpenSSF Package Analysis project identified 'threads5' @ 5.0.1 npm as malicious. It is considered malicious because: - The package...
MAL-2025-47105 Malicious code in threads5 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8effab70875949584b7a99cee5c411c985858f88765f3301ef6621e4a609fe55 The OpenSSF Package Analysis project identified 'threads5' @ 5.0.1 npm as malicious. It is considered malicious because: - The package...