EUVD-2025-31073

Malicious code in bioql PyPI...

CVE-2025-10894 Nx: nx/devkit: malicious versions of nx and plugins published to npm

Malicious code was inserted into the Nx build system package and several related plugins. The tampered package was published to the npm software registry, via a supply-chain attack. Affected versions contain code that scans the file system, collects credentials, and posts them to GitHub as a repo...