55 matches found
MAL-2026-3020 Malicious code in @bitwarden/cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6fb2336936a86f37fc2018f8e68dc9989ffc3e79aa23297bf470de178201f50 The package @bitwarden/cli was found to contain malicious code. Source: ghsa-malware 8a8c7958926d5ec3795102e9114dfaa649ae3160afb9159ec2c46f044018b776...
Malicious code in test-mal-npm-pkg-local (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e75a0b0eec22915db4ca63da2987beda61280504b532ef780e81b26d53e11d8e The package test-mal-npm-pkg-local was found to contain malicious code. Source: ghsa-malware...
Malicious code in telegram-bot-start (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 850fdb1c7d5ecd92e025e8b58e36afd28fae3e1d4127151ee4e3ee8e634d9b0c The package telegram-bot-start was found to contain malicious code. Source: ghsa-malware...
Malicious code in muleforge (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a547ae30a3611da545a607846c864a52e6d4c02c515dc4280b5b74b841c6f8e The package muleforge was found to contain malicious code. Source: ghsa-malware 4337a4cda2c79d821c2425b131f7fbf169472e4b8b4e07a7646ed384cb7a7b2c Any...
Malicious code in tsleep (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ed66f2b93e98b57d021fd0653e70765b4b209fdcd11df8fc84d9ef9081c32b97 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5976 Malicious code in white-oganesson (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 59cd363bc35266e8da511b349bb11e84db784a1bbd5fe29148aadb24aaeef2f0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5906 Malicious code in crypto-notifier (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 14edf6ea7a68922079f8577f719246d4b53f4a31565dab3714813dc76cb78bcf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5909 Malicious code in ecom-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 521b798d9b0e0109ef6b2642feb49a1c930d97adfa05279b55646931ce1e6352 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5851 Malicious code in @cewe-designsystem/component_modal (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fdba0177e300dffd060ffb2a66eb4f6c09d777ee521bbbbe3d60b9d59a98c5ca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5852 Malicious code in @didi-pebble/pblint (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bb1531e6163d25b10b0a50538ba7b2462eea1da3199b5163aa90b8f5e4882e4f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5619 Malicious code in old-header-parser (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 315f759e577d29f8c6922c09f69169b191d3c8886bae205c9d3925d4a366688d Any computer that has this package installed or running should be considered...
MAL-2025-5259 Malicious code in deere-ui-commonjs-shim (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a67ec4bddb1b8af04cfc08903b303377f2c20937c3b6f13287bcb450d2189a53 Any computer that has this package installed or running should be considered...
MAL-2025-4961 Malicious code in automated-native-creatives (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0108e88450eb534afdbdfd274f6737a7507f4a7915230a113296f63a2a2163fd Any computer that has this package installed or running should be considered...
MAL-2025-4983 Malicious code in customdropdownadapter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3e29bf2cb2ca6349ffa2030e7ae2a9d4f49fb302fc084fb3ace37e76b543b502 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4800 Malicious code in @loybung/inject (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a2360caebc7c178c732c57b8da900d7e303a05b8a498693b6f6449abad8fbb19 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4831 Malicious code in google-auth-httplib2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0e57c6a4e7ad5efe49fa44cffce46a4872792f3f1225d726be0b6a6c3d5ed156 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4817 Malicious code in boost-static-assert (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e5ea6d07c816f16b0ce7ce7e7b952fa013034be54604e072cd3c500d9cc75e48 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4686 Malicious code in graphstruct (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3d501610322eef6c7aa27534198e500566f7ac611d91e55d92612e12fb8bd817 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4506 Malicious code in skinnyvans-linux-x64 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4548827f9bd601d4ff29713865fca74fb2e28b90aae485f5656f48ac2a6275e5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4291 Malicious code in 12octsportsday (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c79a0b726d25448621e84a3424b411c1c37c89b80d5a5c4286857fc61ac52257 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...