CVE-2025-2903

An attacker with knowledge of creating user accounts during VM deployment on Google Cloud Platform GCP using the OS Login feature, can login via SSH gaining command-line control of the operating system. This allows an attacker to gain access to sensitive data stored on the VM, install malicious...

MAL-2023-8470 Malicious code in jest-coverage-report-action (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0a570942cc8be879311bbb1b601f658554c30fa3734aacac08c1c53289da55bf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in my-oauth (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7a9a2c5c46b8e8654ac9432c80b3ce72083cda20ffada8ef7098636fd56eae3b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in custom-cldr-rules-twitch (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b5d09f0eb89f3f104480711ff0d04c3de13f8456e4cfc65796e6c8a53db2bb70 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...