Malicious code in insomnia-plugin-random-pick (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8717488a1afc3be853313a0f8f243fa748188c0b321d8c9096182cf59bfbb1ed The package insomnia-plugin-random-pick was found to contain malicious code. Source: ghsa-malware...

MAL-2025-191111 Malicious code in insomnia-plugin-random-pick (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8717488a1afc3be853313a0f8f243fa748188c0b321d8c9096182cf59bfbb1ed The package insomnia-plugin-random-pick was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-199136

Malicious code in insomnia-plugin-random-pick npm...

@pnp/nodejs (>=4.0.0 <=4.1.1-v4nightly.20240617), insomnia-plugin-azure-ad-authentication (=1.1.2) potentially affected by CVE-2024-35255 via @azure/msal-node (>=2.7.0 <=2.9.1)

@azure/msal-node NPM version =2.7.0, =4.0.0, =4.1.1-v4nightly.20240617 - insomnia-plugin-azure-ad-authentication =1.1.2 Source cves: CVE-2024-35255 Source advisory: OSV:GHSA-M5VV-6R4H-3VJ9...

MAL-2022-3850 Malicious code in insomnia-plugin-simple-hmac-auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 82257b4c71933f16336920865f08941bf1fd250ffd06dd3e34a99e3319b78012 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview insomnia-plugin-simple-hmac-auth is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable ...