3 matches found
Malicious code in nirvana-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 56c15918eda59ba0f3eab8b18cebaa86284847edd4b74d8a8aab43deea503c39 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-625 Malicious code in nirvana-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 56c15918eda59ba0f3eab8b18cebaa86284847edd4b74d8a8aab43deea503c39 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview nirvana-api is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...