MAL-2026-4281 Malicious code in project-init-tools (npm)

Ten packages published by npm user asdxzxc at version 1.0.10 target developers working on AI and LLM tooling. Each package masquerades as a developer utility while executing a two-stage payload triggered via postinstall: package.json → lib/setup.js → lib/worker.js. Credential harvesting:...

MAL-2025-191541 Malicious code in bignumx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 745b8508e8818e81e53f71cf2467fa31620191825b820f424eb9f86ab1e5f49e The package bignumx was found to contain malicious code. Source: ghsa-malware 98b45b53c91ebee4c77ebf3ba359608318ce17878eb8edb1cbd2a7e65238dbff Any...

Malicious code in mad-1.4.2.2.2.8 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d0a5225829fc638c078c685eb6af4bed3caed292f068beb8b26ce84158e7cbc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in autogestion-aprendizaje (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a10891d5659b15f733c35690ff9315e18a84d6eb133bbe3f99e6ecd9408bec37 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

DEBIAN-CVE-2023-34323

When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xenstored are assuming th...

SUSE CVE-2023-34323

When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xenstored are assuming th...

Malicious code in crack_vialibera_gestione_contabile_free__qls (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f1b13969c687305e90b01e89b2665c76348543c10105e4513cd52b997b6e2c49 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in gvckofeyuxstdjhb (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a82383b3f8a7751f766eadbfd11d8b6f8b9174103145a36169cd0dfd6cd0ce5c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...