49 matches found
MAL-2025-47416 Malicious code in voip-callkit (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a734b4465eca2576dd3250f97ed37e8537b32d73d0b45adc3bca41bdd52c633c Any computer that has this package installed or running should be considered fully compromised. All...
Malicious code in create-hest-app (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a4f8a7c74b24a78d61a35d81d643117f524f843b425f34d281012f7ab8632868 Any computer that has this package installed or running should be considered fully compromised. All...
Self-Replicating Worm Hits 180+ Software Packages
At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on GitHub , experts warn. The malware, which briefly infected multiple code packages from the securit...
Malicious code in @crowdstrike/logscale-search (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bf328d64388e35603ec9a233e2d1ba28fa6fd2508bf245a22733a1818a670e92 Any computer that has this package installed or running should be considered fully compromised. All...
MAL-2025-47353 Malicious code in thangved-react-grid (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eb6134bdc146e263c03b7d3570bbacb8e08229e146913f1c48c206423f98b2eb Any computer that has this package installed or running should be considered fully compromised. All...
MAL-2025-47336 Malicious code in oradm-to-gql (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d0ac4253913c37f56a9ee729dd49820eda47882515ce23f981c61b39f249ecf4 Any computer that has this package installed or running should be considered fully compromised. All...
MAL-2025-47313 Malicious code in eslint-config-teselagen (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 89578bb497a4146350263dc8ff6e50c742f9272af2886bd5afc2e0b26160082f Any computer that has this package installed or running should be considered fully compromised. All...
Malicious code in koa2-swagger-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 31fd12270f2d2a5b53bfaf3aabcbae8d26a7eec21613c28e4673369a33025ba5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @ctrl/torrent-file (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ff09406779243d2fc9bc760936ed5d719341a950dcd013607c74fb31c9b437f1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...