2 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...
Malicious code in @voiceflow/prettier-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d559f73440d8fdf3f6f155244ce54b5d8d829700d5780778a26f0ac94fb5b59e The package @voiceflow/prettier-config was found to contain malicious code. Source: ghsa-malware...