MAL-2025-3701 Malicious code in @walmart-dataventures/integrated-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6500cbbfb04c2cba829725a6851746577238ca39c724e4030421834285a958fc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2340 Malicious code in notification-center-admin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c3608296b1021343f3245e75793f59483ee9c78f0aa41ca662756286d02d348a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2070 Malicious code in connector-colaborator1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9a80cb3d91a164687c80e6c2353408b9a523ab14d72481ceda8aeb7e875b339c The OpenSSF Package Analysis project identified 'connector-colaborator1' @ 1.0.0 npm as malicious. It is considered malicious because: - The...

MAL-2025-1527 Malicious code in wdpr-ra-node-mpropz (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 06f859971691a195993b3391bbb8b6a83e269eb750856157e81f65d66c2625cf The OpenSSF Package Analysis project identified 'wdpr-ra-node-mpropz' @ 999.999.999 npm as malicious. It is considered malicious because: - The...

MAL-2025-554 Malicious code in meli-gateway (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9249d44462b60e1bb8316d13cd455eaa9e98c79213089c77eafe6020eb1507f4 The OpenSSF Package Analysis project identified 'meli-gateway' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

MAL-2025-467 Malicious code in godaddy-jira (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0473725a6fb29c56e4180ffd2f8931423f98cac787916cf13b3674f4372f0dc2 The OpenSSF Package Analysis project identified 'godaddy-jira' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

MAL-2025-454 Malicious code in epicagames-user (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5f5119a8d3882fc892a6be2ae081900b4ee56e5852960e27c8b6a9222cd6d78d The OpenSSF Package Analysis project identified 'epicagames-user' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

MAL-2025-428 Malicious code in dropbox-jira (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0a16e8de4a1868b669337f57422a85d6ecc5afd129e72189183739aabd92d46b The OpenSSF Package Analysis project identified 'dropbox-jira' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

MAL-2025-421 Malicious code in coinbase-parser (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1e9b3add04221c71d7c4f8d36b9c03ab651121a7e205d0e29793bd2441f46b8a The OpenSSF Package Analysis project identified 'coinbase-parser' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

MAL-2025-38 Malicious code in alchemy-web3-webpack-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0baf7db6925882a96eddaa00b4877f9147183d9b00a85fd69b02e5fe625f7ff7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-37 Malicious code in shopify-ecommerce-shopping-cart (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a28c4bb6f1ccd57758357f7949eda10b66b8dcc6c7249a4b0756f28d5517369 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-12075 Malicious code in grafana-report-panel (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8623412527e3e107cf7a8046c236118472390191d5e456e969b6c628b3d708fa The OpenSSF Package Analysis project identified 'grafana-report-panel' @ 2.0.0 npm as malicious. It is considered malicious because: - The packa...

MAL-2024-11789 Malicious code in majidalfuttaim (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1f62a0253b388a37cdf7f07ff7d02dac3e0bbed2516288af419cdcf7218c979b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-8977 Malicious code in collaborator-trigger05 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 19b4660476331fc41f23ce20381efcebc7f8ba7c11954f491848bff463c7f0b0 The OpenSSF Package Analysis project identified 'collaborator-trigger05' @ 1.0.9 npm as malicious. It is considered malicious because: - The...