4 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
EUVD-2025-180051
Malicious code in biosignature-nestjs-publish-morgan npm...
EUVD-2025-121776
Malicious code in spica-airbnb-pino-nestjs npm...
EUVD-2025-121210
Malicious code in toml-nestjs-achernar-spectron npm...