18 matches found
MAL-2025-6765 Malicious code in tableau-redirection-service (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-6120 Malicious code in pro-stocks-widget (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-5625 Malicious code in plugin-meta-extractor (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8afae718387e4b2dfc69c8abec1fa53bf680355cc9e412cbeedfa77c47ac2f6b Any computer that has this package installed or running should be considered...
MAL-2025-5431 Malicious code in load-nyc-config (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-3380 Malicious code in besec (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8f4637511caaa8fbdf877671d4abfc117aa6ef86436b35652d7d1a842ac558a6 The OpenSSF Package Analysis project identified 'besec' @ 1.0.0 npm as malicious. It is considered malicious because: - The package communicates...
MAL-2025-3129 Malicious code in scrt-www (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6c3dc483e4a4005db4d3a5ec2f2b2e8d63aa5b8258510f483ce9d4c7351b2c84 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3031 Malicious code in one-venafi-local-store-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6368f9d9802e4cee726a0e6cb5adae6d8a31d8ce4cea0d6d515fcb9077d2f220 The OpenSSF Package Analysis project identified 'one-venafi-local-store-manager' @ 1.0.8 npm as malicious. It is considered malicious because: -...
MAL-2025-1513 Malicious code in champion-trader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a12ee286d5987c604b6598557a7a9d8ed03564366dccc6227f87d58a9ac5c171 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-1228 Malicious code in precompiled-iris300 (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b2fc49c5f492a6603e16701144ee66fabcdea41176b445eb496c8e9d11caccd4 Any computer that has this package installed or running should be considered...
MAL-2025-713 Malicious code in overture2osmjs (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4757db7655e3de9ca7fa7343ca0d8cd59c899c46454ca659ff07261b884f64db Any computer that has this package installed or running should be considered...
MAL-2025-705 Malicious code in css-blocks-monorepo (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cd8788a6de395289af00ce5d63b51a4609d89ea09f2bf3eb36af0e27234e0fb1 Any computer that has this package installed or running should be considered...
MAL-2025-733 Malicious code in finfonfon (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
MAL-2025-635 Malicious code in auth0-langchain-rag-js (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 45456ae9e475bcf705080fa16f34aebd7095a7aae6490e2b0a570ecb0b36e27c Any computer that has this package installed or running should be considered...
MAL-2025-688 Malicious code in test_package_file (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 53b443550dc59ee48bf343b26a7e563407dc65e43fc2fd49c177854a1ecb70eb Any computer that has this package installed or running should be considered...
MAL-2025-399 Malicious code in bookingcom-checkout (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 68d25686015085f4d524b134542a14b1748266da0711ecc36ae2a59afe2abebf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11883 Malicious code in microsoft.applicationinsights.windowsapps (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 52a55ac73cfe94f23310de107d74ba82bfa2e8ae17f9742af50ef4e2da42c98d The OpenSSF Package Analysis project identified 'microsoft.applicationinsights.windowsapps' @ 99.99.99 npm as malicious. It is considered...
MAL-2024-11791 Malicious code in raptor-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 585ea8fb4bbab2014a88a88807c9c5150eaf104c34a0d3158c0b7ed114aba2c3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11232 Malicious code in zkonmina (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a74c40ef671e2fb9d5956f1fd7f022e0dd1ca0f1da3602a687e9172cc4280fcc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...