MAL-2025-48108 Malicious code in redirect-1hvx9g (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 811a6896f73fe5f0b353662e9cb94f319cce1d35d89c4babf11fb1431f3ea842 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-48210 Malicious code in redirect-rmunkl (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7c823e800eb5cb9b5cc10839b1971def19c6b3eff41ad1d7841688f733fbe55 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in redirect-297vpk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9517560a65a1c1bbd91a87b0d971d3e19dfd28ae7a73c8e9dbdd842907d362e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-48031 Malicious code in migration-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6df2c870c5d08b1672285eb7a008a6c1f960920bf35587f217d96c7f08051a14 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in incommincentives (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6f82fa02afa9a50bf4a03e925b89a63789fd1df25ff1031b9e6598f16b3880e8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-47925 Malicious code in file-uploading-advance (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a24a99ddaa80c4d726f189f11309cdab74b4343f1e567ec3c5fd01fcd9832b3c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

EUVD-2022-52274

Malicious code in bioql PyPI...

MAL-2025-47531 Malicious code in @sev-ui-verse/config-service (npm)

The package @sev-ui-verse/config-service was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 188aa603d30650e09cc52a7e6d86df9d9fa9e4bce6239596a6ee4a7a75a968bf Any computer that has this package installed or running should be considere...

Malicious code in lovable-ci (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 383c94c307a9e3918b3e8a1296016307e7d4379f743893becd41721604736176 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Triada strikes back

Introduction Older versions of Android contained various vulnerabilities that allowed gaining root access to the device. Many malicious programs exploited these to elevate their system privileges and gain persistence. The notorious Triada Trojan also used this attack vector. With time, the...

Malicious code in dc-genai-dropin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4921314e7e97ba500355f996a14c9619cadf54912d2dfdbe5eb22750a5e5c1c8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in nodex123 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 618140b407aedfe1e6bb6be93aa0f3f347a759aa42e82f72ae5e44893a119237 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in cscvue-unplugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2a34e0f08d710a6b8c04716fa45de265e2171939895e01a7d62f79cdefe72152 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in distdiscord-v11 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b003b8e11ce73b0dd1259da43ba682eb4a34b0ac0d4b48559af5bc6489c216be Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-9233 Malicious code in foldl (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d2abd5909394808c19b6d87a3b9b46e6356ee553bed6e8fe55dfa696dc0908b6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in numeral-light (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0745207c17df1a5cbcd760a28f72def582f071d4860ce74387cd251b4556c1a8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in working-today--soft-aim-fortnite-down-lo-ad-pc-esp-aimbot-undetected-2023-41etdn (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0d8a9f0993744d4972cdf5e672ed1837953cea1a52c4cc63a83e24184de071ca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in snyk.io (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 76c8b0ab07e37f58fd612860770162ef6e593d6f155a12952b7eafe0afa9ffdd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @diotoborg/consectetur-consequuntur (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9282f643a0e7520d88d082ff71319849893e610b6ac28c0ce0bf1f1bc031ce48 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-7150 Malicious code in @zitterorg/cupiditate-fugiat-culpa (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 505aa19c407d211fbbff5a2b9e252641bc3dac0ed45bb8c4a67cc3baebbd2a60 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...