Malicious code in @jaime9008/math-service (npm)

Package classified as malware due to code obfuscation, use of eval for code execution, and a low number of published versions. The file lib/lib.js contains same obfuscated malware dropler as malicious react-refresh-update package, the author is same for both pacakge. --- -= Per source details. Do...

Malicious code in react-refresh-update (npm)

Package contains highly obfuscated code with dynamic execution using eval, a strong indicator of malicious intent. YARA rule matches confirm. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68cf0c0bd6ed2a8c07bc175b5c0cc7f86a49133e67dd5d8f68f37309c5f1a463 The...

MAL-2026-1485 Malicious code in react-refresh-update (npm)

Package contains highly obfuscated code with dynamic execution using eval, a strong indicator of malicious intent. YARA rule matches confirm. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68cf0c0bd6ed2a8c07bc175b5c0cc7f86a49133e67dd5d8f68f37309c5f1a463 The...

MAL-2025-6247 Malicious code in vitejs-plugin-react-refresh (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1686bc018b42cf0146c11ecc1796ef7bad5ed0bb6b07eae4ceffd65b35f36255 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in vitejs-plugin-react-refresh (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1686bc018b42cf0146c11ecc1796ef7bad5ed0bb6b07eae4ceffd65b35f36255 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...