MAL-2025-5473 Malicious code in vuepress-plugin-gitlabment (npm)

The package communicates with a domain associated with malicious activity...

MAL-2025-1694 Malicious code in @mp-food/knapsack (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-11603 Malicious code in haaahhaha (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c8c6599371614e7710276d1475abae424b77a913aed8885e7191b0db82d96e40 Importing a module starts downloading and executing an infostealer, widely identified by AV/sandboxes. --- Category: MALICIOUS - The campaign has clearly...

MAL-2025-6600 Malicious code in testpysecure (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a202500c9717ad118db7ef8eb8d4c1de85c1afdbb442748e18010d4cf6222d5b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2022-654 Malicious code in @tinkoff-react-bui/highlighter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0f35ba0953c3d1b55af3ac66481e856e15f84300b58641282f67339e9fa1bbb3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...