3 matches found
Malicious code in @ctrl/golang-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d5ecdb39263cebdde95cdf053ac5e3bbb38aea40824853c2004d1ada8254e138 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47132 Malicious code in @ctrl/golang-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d5ecdb39263cebdde95cdf053ac5e3bbb38aea40824853c2004d1ada8254e138 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Embedded Malicious Code
Overview @ctrl/golang-template is a Typescript library that handles basic functions of the golang template syntax. Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the...