49 matches found
Malicious code in one-view-chat-ui-module (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3a53a27e69da28c6b1eb4c8f441a2e0723e4b7b5c0aaaab08233f5dd41b76308 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in wnba-parent (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 61f696f0e2dd839f3a95ac5bfd9e38dd4b3910253ae2d56e79fe088a08519db1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @tanstack/router-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2bd6f7a2fea608220d5d0783a4762813d4200689bc99a551bca4304e2b681022 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview svg-content-validation is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...
MAL-2026-1478 Malicious code in wordpecker-fx (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d02b17de27c1b9af727c67a5b24127118687a1ba6ce1c11e7aa7eb0f268fc741 The package wordpecker-fx was found to contain malicious code. Source: ghsa-malware 402a742fcb1e315f799df41aa02111a85a415621d90b7e15ebc3d2398f528e92...
MAL-2026-1451 Malicious code in @sheniraid/baileys (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec58e185ed8a16337c255a734dd403cfc5efd957a33d7a0f978e91721a69c8f5 The package @sheniraid/baileys was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1078 Malicious code in socket-dgxeon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6b1cdce1957669bd7cca7bb7c90b018a87fad6ed9ea49b4874f127272f0c00d The package socket-dgxeon was found to contain malicious code. Source: ghsa-malware 0f36366d3dd38134f3c8176992483c8c67f2e502ca9b774a4ea5a3fc2d428efc...
Malicious code in cnamts-captcha-component (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f061900c13c9363e97f1336b62c6c9efff79aefdae954a4d6183900bf71f69c The package cnamts-captcha-component was found to contain malicious code. Source: ghsa-malware...
Malicious code in dotjsenv (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 199e0e242516cf235f3d4f4d7b7921f7b52573e674bd76da515939782a81c153 The package dotjsenv was found to contain malicious code. Source: ghsa-malware b4dd239728dde802ec7a7aadd85d2a9f1c5c3e8b83e5f19b92a2afab16d1cd1c Any...
Malicious Package
Overview prod-natwest is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in uba-plugins (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bcb257605c151aafe2aad5cfe0a574b33989c084ccee06ee6ff0b74c33afb907 The package uba-plugins was found to contain malicious code. Source: ghsa-malware 2a73b282a96cbf09b981101e3b9e4056c51c7d9524e1cf62a41d71ce8f90f36f An...
Malicious code in ui-cluster-driver-otccce (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab4e0c2fa1483c63a547be16744188b63b2c41acb5704b081cd0cdc46b570458 The package ui-cluster-driver-otccce was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190739 Malicious code in @ensdomains/thorin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b9c01ec760c3b86219974f606ccd10c9b872a38f725916392971a20b50e4b57 The package @ensdomains/thorin was found to contain malicious code. Source: ghsa-malware...
Malicious code in tailwindcss-setanimation (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2480ddf4dd248c9a26270a9acbeee92fcc8fd3c881fddc776c2e372e880ded7 The package tailwindcss-setanimation was found to contain malicious code. Source: ghsa-malware...
Malicious code in redirect-p8ris1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 04da7ed54a66a21cd724557550afeac1590a329330a33c3c0b5bbf897e250c0e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in vite-plugin-chunk-chop (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4f0a281ba5e607e5e0a1ec33d95c6f94c54c8b9e04bb37df988126453585d7a9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47379 Malicious code in @art-ws/http-server (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1148086ae7be1e10c209ad1d5b54d91c8c7c651b11f99c6d01b7f79a84118212 Any computer that has this package installed or running should be considered fully compromised. All...
Malicious code in color (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3507ec02d0eb24c87e1f7621140bb5e6a4a343308e7ee8af79ef7f84617f8577 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-46982 Malicious code in supports-hyperlinks (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e6b84cdad651002e1e7ef0c1095ad079307474d09b03369f3b025eba0188e377 Any computer that has this package installed or running should be considered fully compromised. All...
Malicious code in @sys711/my-npx-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f4c05684044741c67899c2f0bd5728540fec66f7e4f62a44542006c938e0c550 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...