MAL-2025-191131 Malicious code in nitro-graphql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36ef7661deeec20f2ea8ef1c642811be2a627ee5e8b6a3f51cd61de1e421547b The package nitro-graphql was found to contain malicious code. Source: ghsa-malware a77bf7f130d454574e5e838c6ce7922e015408f32542a4b15e77d26698129fe3...

Malicious code in nitro-graphql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36ef7661deeec20f2ea8ef1c642811be2a627ee5e8b6a3f51cd61de1e421547b The package nitro-graphql was found to contain malicious code. Source: ghsa-malware a77bf7f130d454574e5e838c6ce7922e015408f32542a4b15e77d26698129fe3...

EUVD-2025-199120

Malicious code in nitro-graphql npm...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

Exploit for CVE-2025-55817

This is a PoC exploit for CVE-2025-55817, a Stored Cross Site Sc...