Malicious code in loadyaml (npm)

The package loadyaml was found to contain malicious code...

MAL-2025-25475 Malicious code in loadyaml (npm)

The package loadyaml was found to contain malicious code...

Malicious Package

loadyaml is a malicious package. The package exfiltrates IP, IP-based geolocation, home directory name, and local username through a preinstall script during installation...

Malicious Package

loadyaml is a malicious package. The package exfiltrates IP, IP-based geolocation, home directory name, and local username through a preinstall script during installation...

GHSA-MFC2-93PR-JF92 Malicious code in `loadyaml`

npm packages loadyaml and electorn were removed from the npm registry for containing malicious code. Upon installation the package runs a preinstall script that writes a public comment on GitHub containing the following information: - IP and IP-based geolocation - home directory name - local...

Malicious code in `loadyaml`

npm packages loadyaml and electorn were removed from the npm registry for containing malicious code. Upon installation the package runs a preinstall script that writes a public comment on GitHub containing the following information: - IP and IP-based geolocation - home directory name - local...

GHSA-38HX-3542-8FH3 Malicious code in `electorn`

npm packages loadyaml and electorn were removed from the npm registry for containing malicious code. Upon installation the package runs a preinstall script that writes a public comment on GitHub containing the following information: - IP and IP-based geolocation - home directory name - local...