Malicious code in published_at (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6089f817f79b6c53b35373aac18fd90de2fba2940ba8daa1286c5d82ede4a9c The package publishedat was found to contain malicious code. Source: ghsa-malware dcecd48f5e6fb3589ec38336393f753621839d5278f70c28e6349129fd2eb39b An...

Malicious code in npm-published-package (npm)

The package npm-published-package was found to contain malicious code...

MAL-2025-27840 Malicious code in npm-published-package (npm)

The package npm-published-package was found to contain malicious code...

MAL-2025-3659 Malicious code in your-published-package (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1cffcefb87ba1dfcfc4089b98727de2186cb5179c69a0f7630c359ff62ba3546 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

m2345a-atm (>=1.0.0 <=1.0.1), ndsh (>=1.5.1 <=1.5.5) +1 more potentially affected by CVE-2020-28490 via async-git (=1.13.0)

async-git NPM version =1.13.0 is affected by a known vulnerability. The following packages have a transitive dependency on async-git and may be impacted: - m2345a-atm =1.0.0, =1.5.1, =1.8.1, =1.9.1 Source cves: CVE-2020-28490 Source advisory: SNYK:JS-ASYNCGIT-1064877...