154 matches found
Malicious code in @validate-ethereum-address/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 31c6ff12976558c9f1b005e95ad8a4c3b366723f0a1409d73f904f568be326cb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5369 Malicious code in @doaction/auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f96ec00bc5ed7192c8483a1b27f2212ce64e5a86f1dc309b66d14ea969de00fb @doaction/[email protected] is shaped as a public-registry shadow of a private internal package: scoped name pattern, inflated 99.99.99 version, and a...
Malicious code in @taskflow-corp/cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1e305906fa9a2ce7ccc0318baa5c5d7cd13bd021623fec9701e1841d92ab00e9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3435 Malicious code in @squawk/airport-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a12035131eafd29a07572751653f857706ac1b113fcbd498a70f54d96d5276cc The package @squawk/airport-data was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191217 Malicious code in @everreal/web-analytics (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77c0514435a2fcfbbc44b6691737ce9fa17b0397b9cbd490173d9dca9fa18adc The package @everreal/web-analytics was found to contain malicious code. Source: ghsa-malware...
Malicious code in @self-sell/self-sell-amplitude-events (npm)
The package @self-sell/self-sell-amplitude-events was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ae064f7137baf9c1292997ecd4204537d8011af89721c3d0878247049cd7a20f Any computer that has this package installed or running should be...
Malicious code in nodestream-log (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fd27c0af10fcdf2bbbe772dc6442359db1be060eabb88d8343982bdcad7e872c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4938 Malicious code in husky-es (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c7389701dece7abfcef40d0bfff8c26f78ce0a68100f40bff5e834bf57d6e637 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @ai-document-translation/ui-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c8c94ea05205ad6ac8c809be2fa22e18fae368f27f1f8bd34048528dc25daa90 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in bookingcom-checkout (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 68d25686015085f4d524b134542a14b1748266da0711ecc36ae2a59afe2abebf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in docu-scripts (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b6622a889906180340028e70850543b9d34f93618e7dee954ad8d394aa5c86be Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11138 Malicious code in distdiscord-v11 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b003b8e11ce73b0dd1259da43ba682eb4a34b0ac0d4b48559af5bc6489c216be Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11048 Malicious code in k8s-apps-wordpress (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 40a470c4b317b1c3a7ca0ef77aa42d47d230d8b4d2cfe94f870ae1232c927327 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10949 Malicious code in web-bz (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0be6c98e8623bffb583f6b3c059c4b8a367a11e9294e1d13c168cd7d2f10552f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10501 Malicious code in eth-cripto (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 41bd6acb5844cd13ab2a90a7be70dd82188ec137a99ae509fe6bd3ea2301a11c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10515 Malicious code in ozeppelinsolidty (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8782fd9ae20110e20991e5f5898607ecadbf1725bf33bbda2dd60389ae613eeb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10401 Malicious code in puppeteerrequestinterceptor (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 69e8c643ef7ddf9688688411490355eea8c86e9aaff4cc8f55329bb05057ee36 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9123 Malicious code in agoda-design-toolkit-2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 108287c52cc6b7d73890c29bc9f478cb107ed2906c062820d73eb4d51795eb80 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-8535 Malicious code in @diotoborg/psychic-bassoon (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 40e22fa81648612742fff8bcb2a1e74d48f0ec451842d6d050035a2d8ef322c3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-8168 Malicious code in @diotoborg/beatae-ad-voluptatem (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ab6c10067ad8112f23680a4ebc52b525ea01a584cf38b052378f7ae90383f0d0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...