3 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Malicious code in @kvytech/medusa-plugin-announcement (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fda18824e7544b009117ab962028a53a03245d741b85fa30789a9cda67f5b1b The package @kvytech/medusa-plugin-announcement was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190746 Malicious code in @kvytech/medusa-plugin-product-reviews (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e7d8c065be2eaeb4187aed0dbe61de9f0f0ee2b51d61330d9211866dff01504 The package @kvytech/medusa-plugin-product-reviews was found to contain malicious code. Source: ghsa-malware...