Malicious code in niletestpkg1 (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

MAL-2025-41312 Malicious code in msalv2 (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis cca3fbaf2aacbd857c8661a88233c1a756fd75c6f60d675a32374d9c95cc019e The OpenSSF Package Analysis project identified 'msalv2' @ 99.0.9 npm...

MAL-2025-41245 Malicious code in @cf.cplace.platform/forms (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7be4ed03fbd3f41262f582eab6a80ae6e67fe611301ef8cf9558555a0add3af9 The OpenSSF Package Analysis project identified '@cf.cplace.platform/forms' @ 9.1.99 npm as malicious. It is considered malicious because: - The...

MAL-2024-10809 Malicious code in seller-vuex-report-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0d1caf07f7bf71a4f82b9bc3d65c3a2cbd6a7f7762185704479a04da297485e5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10577 Malicious code in @devlovedz/react-native-camera-kit-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 724956d5e6ddbc30c35608c68d7472fa0048ac56d9b14ce49222f18a4287d39f The OpenSSF Package Analysis project identified '@devlovedz/react-native-camera-kit-example' @ 0.1.0 npm as malicious. It is considered maliciou...

MAL-2024-10594 Malicious code in oclip (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 dc21e51bf306056c1f7386f6e7baeeec043f05fad768571f28624da41dd7b038 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...

MAL-2024-10362 Malicious code in v2xlm-gml (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7fbdd4767b759c720bb13db759299986734471ff1064c52f7d25110c8e9aa617 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...

MAL-2024-10358 Malicious code in lightseeq (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3d14d6932bfe1a879a7af0d37aa99c04a96678783d745e6587d5c95c39086e09 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...

MAL-2024-10331 Malicious code in mixpanelexpo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c3835238b933b46ead226a6a905afb3250547ffd233f3efc2f8f9dab538d310c The OpenSSF Package Analysis project identified 'mixpanelexpo' @ 99.99.90 npm as malicious. It is considered malicious because: - The package...

MAL-2024-9414 Malicious code in tapable1types (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 06f6008e10e159c6e89486a4fc8dde882928265f950bc52ea0566194956dc786 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-9046 Malicious code in arkose-vue2-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9008418a813522522804dfaf58f73128ae52ca85667b506962284ddbfc3141bf The OpenSSF Package Analysis project identified 'arkose-vue2-example' @ 1.0.0 npm as malicious. It is considered malicious because: - The packag...

Malicious code in colotama (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fa7312f48aedc863c1eb3377178692b7cb1fe1503114d3cbc6cdc97572b9a6c0 The pyprettifier library has a feature to send out the user home path throuh the logger. It's attached to the init of EmojiConverter class. Other related...

MAL-2024-9025 Malicious code in textannoviz (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d112629d453ff55ba22ba56e98536f241a9ed17883c1bd52e57da76c41a8f131 The OpenSSF Package Analysis project identified 'textannoviz' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-9024 Malicious code in @plentyofcode/reef (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b990437e587fd2474b5000fd9f707f0e84e18f3c7dcea47121c3c8e8d28c2316 The OpenSSF Package Analysis project identified '@plentyofcode/reef' @ 1.1.263 npm as malicious. It is considered malicious because: - The packa...

MAL-2024-8837 Malicious code in @warnermediacode/wme-theme-gelatam (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis aaf48e991eec02e4a2336deb7d55aa9bffd7867db6f927c1e12487170a208a41 The OpenSSF Package Analysis project identified '@warnermediacode/wme-theme-gelatam' @ 99.50.55 npm as malicious. It is considered malicious...

MAL-2024-7897 Malicious code in theme-bahrain-nb-hdddc3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e53da1719f478c46169b284e06518c71ee941c34320a1e6ae4ad97fd77a568a5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-7870 Malicious code in persona-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 32b489c0a0bbd44ab1697c3d0492595441e65b30a71a26af76a7dce54fb3d706 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-7689 Malicious code in sap-cats (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 01665862aab373cb3718450061593c791128c0165f161a7105a72e3808845186 The OpenSSF Package Analysis project identified 'sap-cats' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-7572 Malicious code in sap-assignmentform (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 08aacf1067cdef362e4c9fc7d8498f96906f4d0c1ca192414050f1e92ff480de The OpenSSF Package Analysis project identified 'sap-assignmentform' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-1645 Malicious code in comet-chat-react-ui-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9a6f38c4d9dd2413e237c8d146d5fcf11d04f613910b552a32a52b3e4cf199f6 The OpenSSF Package Analysis project identified 'comet-chat-react-ui-kit' @ 1.0.1 npm as malicious. It is considered malicious because: - The...