4 matches found
MAL-2024-8423 Malicious code in @diotoborg/minus-ducimus (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 81428eca58d792d18504fa1037b5e05a252083cfcf12a4c7cebb5e11e0ac62ab Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-814 Malicious code in stats-collect-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad3d02771bbae32c6827b2d78a02c6a6f23d67fca38cc7361fdcd739f0ee4398 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4687 Malicious code in mongoos (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2ab32f7c212c797143b0b25f1f96b0e6cdce969c148e8ce5973c3c95ad99f2dc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview From https://blog.sonatype.com/sonatype-spots-more-discord-malware-in-npm?hspreview=BbDPGbfh-40737456755: The malicious packages were detected by Sonatype’s Security Research Team leveraging Sonatype’s Nexus Intelligence research service. On analyzing these packages closely, our Security...