24 matches found
Malicious code in uarg-mthai-suftiaf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2d989813d1f5f08524c902513c3a30d6ce68ec67ca16ef5ce16dae215b40aaa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in o3-storybook (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware de89e5dde2144657ab48e71c00e9630b08d5d29e6a86daf29f7ce46d3380b18a Any computer that has this package installed or running should be considered...
Malicious code in flight-suit (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6a6d36537b116f54f862bfade62a56a5be6181faa17c245d41201c57b229ae4e Any computer that has this package installed or running should be considered...
MAL-2025-47409 Malicious code in sbrugna (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2b3eb6e4038d15cc9e9407d28d2c69d0217e22a392a0fe3305ee324be95d9f75 Any computer that has this package installed or running should be considered...
Malicious code in kurniawan-nasiuduk98-breki (npm)
The package kurniawan-nasiuduk98-breki was found to contain malicious code...
Malicious code in gsg (npm)
The package gsg was found to contain malicious code...
Malicious code in techiware (npm)
The package techiware was found to contain malicious code...
Malicious code in zebra-koala-ahg767-project (npm)
The package zebra-koala-ahg767-project was found to contain malicious code...
Malicious code in libsignon (npm)
The package libsignon was found to contain malicious code...
Malicious code in sphnix (npm)
The package sphnix was found to contain malicious code...
MAL-2025-39771 Malicious code in xiangtu (npm)
The package xiangtu was found to contain malicious code...
Malicious code in @silver-team/sm2kata (npm)
The package @silver-team/sm2kata was found to contain malicious code...
Malicious code in sfhbxpcjwmzriody (npm)
The package sfhbxpcjwmzriody was found to contain malicious code...
MAL-2025-34543 Malicious code in tantu-fe-m (npm)
The package tantu-fe-m was found to contain malicious code...
MAL-2025-6707 Malicious code in credit-card-input (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in mahesh.testpackage (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5da4352c00899514a295b12922e7fb0db7bfe4d6a4ae270d951903a7962d3901 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11183 Malicious code in @solana/web3.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 507e136eb7d13bd9c88a5e20d692768a759c2ae382d1ab54ba66c196b560cacb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-3535 Malicious code in esqvirtuallibgrand (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx fcf7df4c64aadb4b3168363a6891dcecbc161266dbc8f740c9a9a1247fa6eceb EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
MAL-2023-988 Malicious code in yandex-meteo-flow (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad598f1585a297ca8d20439b26fa25afb526a1f69cbdde3832e457b6daa6cf83 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in sheetdevtools (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e52dd5d30da08ed5af819ccb58872a72020fe673b94cbcb7de9bc92850a16463 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...