Malicious code in @gitlab-lsp/pkg-1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7df0575a200975029552912084573cf0331e1cf02ccad8e8fd7e024536143ef8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview @gitlab-lsp/pkg-1 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

EUVD-2025-36789

Malicious code in @gitlab-lsp/pkg-1 npm...

EUVD-2025-36788

Malicious code in @gitlab-lsp/pkg-2 npm...

MAL-2025-48963 Malicious code in @gitlab-lsp/pkg-2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bf13c79e9bdc06f50391fa8a073bbe923119de6f064d8bc0a7333b6f98c87d9e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @gitlab-lsp/pkg-2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bf13c79e9bdc06f50391fa8a073bbe923119de6f064d8bc0a7333b6f98c87d9e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

EUVD-2025-36787

Malicious code in @gitlab-lsp/workflow-api npm...