ROOT-APP-NPM-CVE-2024-29415 CVE-2024-29415 in @rootio/ip - Patched by Root

Root has patched CVE-2024-29415 in the @rootio/ip package for Root:npm. Multiple fixed versions available...

ROOT-APP-NPM-CVE-2026-25896 CVE-2026-25896 in @rootio/fast-xml-parser - Patched by Root

Root has patched CVE-2026-25896 in the @rootio/fast-xml-parser package for Root:npm. Multiple fixed versions available...

ROOT-APP-NPM-CVE-2020-15084 CVE-2020-15084 in @rootio/express-jwt - Patched by Root

Root has patched CVE-2020-15084 in the @rootio/express-jwt package for Root:npm. Multiple fixed versions available...

MAL-2026-5187 Malicious code in supabase (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ffc0b5a7cfe173533053ac607e28d5e000c963fc1fd706bd9eedf57902e11c1a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5186 Malicious code in autotel-terminal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eecd710c08cdc339632aae89ee93e200267cea1c34d6b429ca9202265480842f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in autotel-terminal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eecd710c08cdc339632aae89ee93e200267cea1c34d6b429ca9202265480842f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

ROOT-APP-NPM-CVE-2026-41673 CVE-2026-41673 in @rootio/xmldom__xmldom - Patched by Root

Root has patched CVE-2026-41673 in the @rootio/xmldomxmldom package for Root:npm. Multiple fixed versions available...

ROOT-APP-NPM-CVE-2026-32236 CVE-2026-32236 in @rootio/backstage__plugin-auth-backend - Patched by Root

Root has patched CVE-2026-32236 in the @rootio/backstageplugin-auth-backend package for Root:npm. Multiple fixed versions available...

ROOT-APP-NPM-CVE-2026-35213 CVE-2026-35213 in @rootio/hapi__content - Patched by Root

Root has patched CVE-2026-35213 in the @rootio/hapicontent package for Root:npm. Multiple fixed versions available...

Malicious Package

Overview chai-as-launched is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2026-5179 Malicious code in chai-midpatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4deffa7a98fc055452391610a3ab832bace310cf34ecc058287f45cab02c656c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5175 Malicious code in webpack-json (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware abd3559fc62e362d5e4d5068126317096f7e2e483d97bba9f59e192a9d49a363 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5182 Malicious code in brave-search-mcp-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d7d65e78a73a4cc2064d0ab9210a76c7c55f69553b70879dd649d7ad84e48dc0 The OpenSSF Package Analysis project identified 'brave-search-mcp-server' @ 1.0.0 npm as malicious. It is considered malicious because: - The...

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

In this article 1. Attack chain overview 2. Mitigation and protection guidance 3. Learn more Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that hides inside binary executable files triggered by a postinstall script. IronWorm is a sophisticated, Rust-based infostealer that functions as a self-replicating supply-chain attack. Its primary characteristi...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that hides inside binary executable files triggered by a postinstall script. IronWorm is a sophisticated, Rust-based infostealer that functions as a self-replicating supply-chain attack. Its primary characteristi...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...