234815 matches found
Malicious code in housecallpro (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6e95d04cb7977b9da45686f61f19767b33fb3e4fd1af5081b1a27acfd9ee9337 The OpenSSF Package Analysis project identified 'housecallpro' @ 1.0.1 npm as malicious. It is considered malicious because: - The package...
Malicious code in @dirigible-ai/sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...
Malicious code in @draftlab/db (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...
MAL-2026-3605 Malicious code in agentwork-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...
Malicious code in @mesadev/sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...
MAL-2026-3603 Malicious code in @tallyui/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...
MAL-2026-3592 Malicious code in hedwig-tsconfig (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1a650b67b76184573f147a7b286249b1de734cfa85647aea9a9bea3284e155f8 The OpenSSF Package Analysis project identified 'hedwig-tsconfig' @ 99.8.1 npm as malicious. It is considered malicious because: - The package...
Malicious code in @uipath/widget.sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8e72fd5223273f42c47db6b5b8217e2cdce8589d9cf9545621606c249facc6ff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3564 Malicious code in @uipath/packager-tool-workflowcompiler (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ba55a8cfb928dc9076aa7df6b3b8d5ca1f93f4f191e6f46b4dac2824d2e36af1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @uipath/maestro-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6885645b867aaec1056710aae316b39c7601e17728f7e35b391f02198b3832b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3552 Malicious code in @uipath/integrationservice-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a3ff8598d48c12ca9fe162be025bd370560d125c36c4e5dfebfbb09bccfda3f3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @uipath/insights-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e4a14d8ee3cc65fe720a880c72000a911cbc45433f4113501a7246c018798380 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @uipath/integrationservice-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4edd2a2ae1287141aa4d05d85a3bc8510964321fd4e054af3a5f763d6ad30b9c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3591 Malicious code in wot-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd781e61a7ca728623c44a900ca22a8cc58de2b93bcd797aeebe453ee6fa4f80 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3546 Malicious code in @uipath/functions-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 91d291bc0b76606fe49b04635cbf60f335fc04ae35054cb6b9125f0a33ca9b32 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3540 Malicious code in @uipath/common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2536864ad343e81f1c46a2583836c5083e9b2cc7d39c1ea39028314ef7588a61 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3538 Malicious code in @uipath/codedagents-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7321b8eb18854f6e785ee2862e6f977f0e45ab2cfda39b5c05a3ca23a704a15c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3537 Malicious code in @uipath/codedagent-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eaec2ac4b4efbc449a39049c2d3793dd5f3c4fc4737957ba4e70f35fb6c13903 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @uipath/auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b81e35e62a526162bdd6479e8f80cea429ab1ea1ec96b59475750d7fb8cb32e1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3533 Malicious code in @uipath/apollo-wind (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ef4195af9b94b5185e9243c35beefab6d9cf593b7b51e5de55aa5289336ff5f6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...