MAL-2025-15306 Malicious code in babel-preset-pp-react (npm)

The package babel-preset-pp-react was found to contain malicious code...

Malicious code in @zalastax/nolb-react-rw (npm)

The package @zalastax/nolb-react-rw was found to contain malicious code...

MAL-2025-9150 Malicious code in @partnercenter-react/ui-webcore (npm)

The package @partnercenter-react/ui-webcore was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

MAL-2025-5936 Malicious code in modern-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 551ccc399991abf0310245b17e68d5526426644f1b0e41c7d7d6b1b1286a425f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in supabase-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d99002d0e83f91ca297ecb91950c973f76ba284c9b63eba89946e9bfac2672de Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @mse-entitlement-sdk/react (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 995ec6e409e21dfda12726e0ffbf16d84fc04fda1705805e0ee90fe4e1b23f69 Any computer that has this package installed or running should be considered...

MAL-2025-4540 Malicious code in @fms-common-biz/basic-react (npm)

The package communicates with a domain associated with malicious activity...

MAL-2025-3142 Malicious code in arno-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 09b3072a4a914ee5e85596d8f9a01d42ed0596c24aa05bc664e85067c41cbd3a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2387 Malicious code in hoist-non-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 424865e2aee8385bd2b6cf103c939dc9a1d3d8784efeb6d8f197d71de928340b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in foundry-js-react-blueprint (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 003370478f168f2d57cb08caf6214ba25adf57eaefa736fc7460dd4550ee09c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-11962 Malicious code in csp-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 07c56da928c82cee1c2a2332c92447b99ae4d8fa17441e9391ac05a4f38d3323 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in custom-video-daily-react (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in brkr-lib-components-react (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in california-state-web-template-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 91a0432190eb409c84a7c6bf3c06b34d9b7c4571be93f31b3635a925f4a4099e The OpenSSF Package Analysis project identified 'california-state-web-template-react' @ 9.2.1 npm as malicious. It is considered malicious...

Malicious code in tslib-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx ef2c27850230a6ec89e578f414b36de97f9850b32450c33921cb68699cf3ba38 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...

Malicious code in experience-template-renderer-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware afa26f6f8649c313b48cb94b98dd23d01c15d0bc8cce3dfdfa2af4e410b133ec Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @nexthink/kendo-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f467a184cd4128f3ff5582509381c6a9d5f501b958106f179f6b4a00bf0cf4b1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-5630 Malicious code in react-addons-csgtransition-group (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 91dd68f9a036ce8b4eaafd804e42bffb33a88e09c44772a5314f7203c9f8ddda Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in teamcity-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 966b43d3855a0deb55b7e4498d6ba381240981ced1ae568dbce283150abac8e5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in typescript-react-sample (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 17d0a570a3a61c4e423df4e8a3cb5eb2707b8e6e403940787c8fb55bc7753f3e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...