23 matches found
Malicious code in big-nunber (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f23ede1c7b10923f9db48acb43cc160860b18e8be59b8bd2a26109ac8495ddd0 The package big-nunber was found to contain malicious code. Source: ghsa-malware af922fdcf3519d03326fd29435ab7bb179a1505a9082641e92a2f77f98332974 Any...
MAL-2026-1308 Malicious code in iron-image (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64bb41903e84d6a7adabb1c7268258090468e2e83e6f31fb679d594e8266f79e The package iron-image was found to contain malicious code. Source: ghsa-malware 11a0db876976d8589a7d975fb9c112f6569a4fc2708fb21c378166c2a1f8d204 Any...
Malicious code in n8n-nodes-gg-udhasudsh-hgjkhg-official (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f177f9d8bad0a259983bc9f3e0880c59ee120b1e686e3f10b490ab0527beec3 The package n8n-nodes-gg-udhasudsh-hgjkhg-official was found to contain malicious code. Source: ghsa-malware...
MAL-2026-422 Malicious code in oce-icons (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b843dd5f2dd468eea116bc6b01258c72903738ea423def44e73bbee3e0a477f The package oce-icons was found to contain malicious code. Source: ghsa-malware e946a5aefa4f4734044a2667883bff32c43c93401630708063066e1348fb2b25 Any...
Malicious code in mad-2.0.2.2.2.8. (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a417a96fb1a489ed21a97883097356cc05d7f014eee21d941bc0cf6a4541c036 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47995 Malicious code in kios (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3d1a6fd29b8a60173e1e93d44f68fb2a9acb13751e32bc0293a3ac9d72ac1c9b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in oxrvxxxxxaslllcaj (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cbb43c3aa5e1fe9b33fc7a3c3a439ef7edd69817df8984551602b834f7b64584 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47392 Malicious code in @things-factory/shell (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2ebd494f09184269de61b62501f8b32bfc56c353807f7e7356cecc35c5ab1346 Any computer that has this package installed or running should be considered fully compromised. All...
MAL-2025-3817 Malicious code in auction2keeper (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a1265daa7b9386ad2a63a86ba2eb58d87c935540fd821d18d22d2c08e9a0e318 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3974 Malicious code in wegenenverkeer (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 208aef56bca72858ba42a6a6f8e100ba7b9cbf696d45876b6797afb8b6d6ac27 Any computer that has this package installed or running should be considered...
MAL-2025-3708 Malicious code in buidl-wallet-contracts (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e6b5221b4cdc1f6532fbece9f61c742fbfdd72e88d8fc1d5ed8c9dcae92157e8 Any computer that has this package installed or running should be considered...
MAL-2025-2406 Malicious code in reason-calculator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c0c4a55fcc5c8561afbb5e8b0657b735402db2afe7ac15858050352a3a8aa8c2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @airtel-lego/sentry (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e126e868d890d40f42157c798a5f6385a6b2cadb73c9a125606b59c79057cfdb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in explore-assistant (npm)
This package runs commands on import that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d9e10cb387b2960187d5b207b5b8dd3c8e8583e0c91741a0c4506c05af801ed2 Any computer that has this package installed or running...
Malicious code in archon2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2efbecb91840f3bd10abd707ee59f45fc25c310b59477444324c0d40c7e128bd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-1412 Malicious code in electron-dependency-confusion-window (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware db478dbbcf0f5373a70e3193cc1c658b4438bdcd02a3f432b141e442e7bbbda7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in biconomy-dev (npm)
This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2ccacc09681a6383aa261381df93b651a806293270c031081ae4af8f993652c7 Any computer that has this package install...
Malicious code in crypto-main (npm)
This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0a037816e38bab1c99484a360227650688ef0859f5e52d151d3b2c87a0865535 Any computer that has this package install...
Malicious code in @devstack-angular/jdai (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ac06a10b7b09cb556a876d7b76ede19361cf8c7fb2b92fe70daf3f55cc180dd2 Any computer that has this package installed or running should be considered...
Malicious code in @add-wallet-exchange/import-type (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 009dc7d5e85690b3a1fdfe88879a357c8277b755a5983e5e9bcadf1e2624af1a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...