25 matches found
EUVD-2023-30143
Malicious code in bioql PyPI...
MAL-2025-39013 Malicious code in webjet (npm)
The package webjet was found to contain malicious code...
MAL-2025-38502 Malicious code in vista_v5jbm_amq3m_fireworks (npm)
The package vistav5jbmamq3mfireworks was found to contain malicious code...
MAL-2025-6658 Malicious code in stv-utils-frontend (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6116 Malicious code in pre-and-postinstall-scripts-example (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a4994e0104f427d4e6ac062c0ec26e609127db5c43b703a286194e39d36ae9e9 Any computer that has this package installed or running should be considered...
MAL-2025-6125 Malicious code in slf4j-api (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7ccd4cc3b9a566cde097a25dda1efca4dc2bc70d632e77b01f3e21128e03356 Any computer that has this package installed or running should be considered...
MAL-2025-5597 Malicious code in @figshare/old-viewers (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b582af08f54b24b027eb8ffb5e56e63e4efff4c947ef2abb5fc552a7476539d3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5559 Malicious code in hardhat-deploy-notification (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d2081250ac75574ee18ddea2caa510104e94d2673de1ad4fa445d96559d2a1f4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5515 Malicious code in r6-info.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d5776f3141e453fa085c2ea81f617610e3243fa733cbd8f54d01864a57e54247 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6477 Malicious code in chatgpt4 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6a2f99d20569358bdeab51db7e4f6ea0348c87bbf832a7bc244581a472a05072 Importing the module starts shell code execution --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2025-5091 Malicious code in widgets-networkupdatetool (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-4802 Malicious code in @loybung/provider-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1dc5e2aaa75780249ef49329cc88e74468511da4956872cadb22549951afb87e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4637 Malicious code in @majidalfuttaim/maf-ui (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a2330446b43c4350ffd756e057399577c16b5b7b20767a3a71fc73b20664fe62 Any computer that has this package installed or running should be considered...
MAL-2025-4599 Malicious code in nexpi-session (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d4b8f8b92b2eff3d48f438a764913f3c88f02318ff7b4cc2d8783c332e76885b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4516 Malicious code in trip-plugins (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0d2290ac829220daaf6f2242ec116548af3053789350c71da7b541e9d65a523f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4446 Malicious code in osuny (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2a422d19cd1a77a3b8c8f23546a8b28a164d923cfef3b4fee3187c2bac2d8b19 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4146 Malicious code in @character-tech/client-common (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-3991 Malicious code in fanotify (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bad587097321dd0862dbb332c1103171c68338080d4f4a935afd9ed80f56ba3f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3870 Malicious code in api-doc-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4ed9c9d80a7285c6d9eab363f722cabd59b29f3239576a4562e6c881d6ad8899 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3552 Malicious code in internal-payroll-lib-v2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38b57b13614231552ff2a81bd698a53edcac5cfcc943ef879a6a2e1de08d7fed Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...