18 matches found
MAL-2025-190670 Malicious code in @orbitgtbelgium/time-slider (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e31786ffabd43155f6f44bff0d14b7e2d5d7b4dd88bd5720bb7496f6608f9de5 The package @orbitgtbelgium/time-slider was found to contain malicious code. Source: ghsa-malware...
MAL-2025-48422 Malicious code in deficonnect-private-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 26fd8af3107a958bc5c4f36594967520138fa3593b48322649201cec725af371 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48419 Malicious code in cryptocom-private-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1c127979ce2c818c0baa9e2f6212dc73783686c797a35b3e63148a4815325de5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48030 Malicious code in langflow-api-chat (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b0d493794349f9fd072b31947424562afcd5b86b1fd642a42cf613d4b363f5cb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in theia-killercoda-extension (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 327422d1afb4b6b92f4af1ab86ec0f1ca00db649a7e7911231134aa463e1a8e3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in querypilot (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2c3898e80b9dd4a417ddf444390b2d4adef6f4ac18a5f2e63f2d25defde9db27 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ton-payment-channels-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e9e7497de28b982ff9a30a2d494d34eca9c190bba81a330f16ca8cdf7955e20e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in web-prototyping-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0a14e26877ba590485f30ac33a914cfaa213c85de0503b2ff68bd4d9debc5e0f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in seller-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 26a60e43622156734ed64b698b46f6115dd23fb593fd5b9da41b6a8fd50faebf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in developer-integrity-avishek (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c5cb52fb483ad0e308286bf5982001d04d48d1f0a2f9e6f5123dbe6933680fa5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in wlwz-2312-3900 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9262da05a9b5872d673613e65cea749c20e5def010d2f8b83ad7022552009156 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in feature-flag-framework (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df4e8ce0407df917eafb41b7196edef8f261e63662349d90b1a5d6563cd6692c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in usaa-select (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e1a0a2b3751f6688b7b93ed4f71fc77b99863442191da95fcd67f8555fe4a8e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in attribution-project (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 5afc91a8d62e415d605efc5e9b132faa79e4d67b5aa087375dff9b544b70715c Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...
Malicious code in prmytrs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 112afa4d414f6e097065abc101a647f05abc73856743115521fd847cb992b4f2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in moneytree (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 66244f88816d76dcf1340a2a307dcd778e9d8d84b79b480992f637728a6c9627 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in registrydependency1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 62318deb2a62bcd770ab627f665a4ac02c389c037c9b1b49ded944fa61228b80 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in twelvedata-adapter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c036b95c651dc0bdcb11ec39fc95c8bb60573925682e6ad0b6a7a93290a1775d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...