Malicious code in @nstudio/xplat-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 57e90dbbaadf86b3e06a0b86bc92cf8e5545e60cf5c09fdfe1d22e59e56c67b1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-47170 Malicious code in @nstudio/xplat-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 57e90dbbaadf86b3e06a0b86bc92cf8e5545e60cf5c09fdfe1d22e59e56c67b1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @nstudio/xplat (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 428f67f5c50b5dde563748444f509f1f52d4c606edea886a1906b387cf40198a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-47169 Malicious code in @nstudio/xplat (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 428f67f5c50b5dde563748444f509f1f52d4c606edea886a1906b387cf40198a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

@nativescript/plugin-tools (>=5.5.0 <=5.5.3), @nstudio/xplat (>=20.0.0 <=20.0.3) potentially affected by unknown CVE via @nstudio/focus (>=20.0.0 <=20.0.3)

@nstudio/focus NPM version =20.0.0, =5.5.0, =20.0.0, =20.0.3 Source cves: unknown CVE Source advisory: SNYK:JS-NSTUDIOFOCUS-12744498...

@nativescript/plugin-tools (>=5.5.0 <=5.5.3), @nstudio/focus (>=20.0.0 <=20.0.3) +2 more potentially affected by unknown CVE via @nstudio/xplat-utils (>=20.0.0 <=20.0.3)

@nstudio/xplat-utils NPM version =20.0.0, =5.5.0, =20.0.0, =20.0.0, =20.0.0, =20.0.3 Source cves: unknown CVE Source advisory: SNYK:JS-NSTUDIOXPLATUTILS-12744505...