19 matches found
MAL-2026-2656 Malicious code in tailwind-stylecss-typography (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e0f774188361889c2e95f246317a2fece3219b9d9952ff3645e4d108bc525c5 The package tailwind-stylecss-typography was found to contain malicious code. Source: ghsa-malware...
MAL-2026-833 Malicious code in express-configer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e492b9087ab21198777e586b9d21eade1fe2948bb67f1ab484c7274056861276 The package express-configer was found to contain malicious code. Source: ghsa-malware 8484436a0b43b94054c0fa7ceb955362a6557d9bef3019e2fae2e51e42ff1f...
Malicious code in xo-shipping-change (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 194261ca5ce11a3a819c4aa938f33cd04d1089a614c0e1a224229efae8fc0edd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48599 Malicious code in vite-compiler-tools (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4aae44a97a8da023c5a1e6a16ecf72e6213bbaeb5ec752ea9e903d15a1287d79 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in company-logo (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3356f69fe3ebba321196add643af22e2daaff13de896d2ad82a6d79d9c381709 Any computer that has this package installed or running should be considered...
MAL-2025-47992 Malicious code in incommincentives (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6f82fa02afa9a50bf4a03e925b89a63789fd1df25ff1031b9e6598f16b3880e8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in pixelary (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ed6e04cfdf17df0b3303f51acdf9e0e128361f17eef5fa028f6bd70d3436984c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in confidential-package-nam (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d1ca97a7c95d3a7f0bc8302fdfa94f96077f03fa620c53c49791fa260617d310 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in duckc2-v5.2.3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 312f10b261529061f06f146485b626f5ac5f86887bd775baa9cc015f430d1e07 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @diotoborg/facilis-pariatur (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 521670b04d11dde517858e57045bd156fa430e5572485f7480cab02360a7ffac Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in wlwz-2312-7007 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 054324edaf863762b0676dc56bb6ef9b8dfa5f3798e0f9815e1e4e01946d9f33 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in test-dr-pkg-001 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d511e9d40183359a36594e6f9c61d50195d8e1686197d6e9aded6ba780e8fda6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @gumtree/ui-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7f495166781b53d4692646ceae552716afa0c80fbc51ff32f0dd98df0fc8081d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in generic-ui-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7f87fcdafcf972ad5460dfd5d8fca046c5d3c1545f8725f7dc18174de69c362 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in stklus-loaer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7e561a36b793215d238ce833fba5aeb0db52df8493ea94d982756b4da2fcf24c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in normaslizecss (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 353e22d5cb6a986df242477d1b31e19bcd72d6e5028b4f58e373164519c29b7c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in wm-shared-consts (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 92dd52928f108691d1d01c6e868a6732508ac110b355d42ec67fcd2817ee676e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in plugin-typings (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 97b64ac09f896fe6ddb004951a14588053024a3cdca4f87019e8f92f78f18c10 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in pedrolinsisi (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9b9b54404e304f138b807108d75affd7f167ad0d4311b8d34fbe7b98277334ec Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...