1802 matches found
MAL-2026-5377 Malicious code in @doaction/shared (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector caba10985bd532eb067af52e175856a72552c9b9306895ea9fba9c1083277248 @doaction/[email protected] is a dependency-confusion lure that exfiltrates installer environment metadata on every npm install. package.json declares...
MAL-2026-531 Malicious code in hackerxhj (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d71044a886ff501da7e6d3e47cad40b8472b1f02b72f7dc807879b2d780f037 The package hackerxhj was found to contain malicious code. Source: ghsa-malware fd149c69b837b189dff0b260bd9ca7f30c03cb192bea4f83daf0465322a1ec13 Any...
MAL-2025-191041 Malicious code in @oku-ui/primitives (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48684386017546a6d1cc3afd6317d995fe7edc730db2789b79af9135d8f88191 The package @oku-ui/primitives was found to contain malicious code. Source: ghsa-malware...
MAL-2025-2327 Malicious code in rolldownload (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2e57796af333715605cb3404f3d8653189e6859e7d409e69670109ab17dad2ff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-1579 Malicious code in com.google.play-games-pc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 89482dfb2083648706902d58c49dbe79b54f0e6ab3614bb3f528f8b1fba92cf9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-12026 Malicious code in pushservicejs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8875b705a6e055665ad1912b3f5aeca6578af2778e4b541e7061ae20d6ecbd01 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11962 Malicious code in csp-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 07c56da928c82cee1c2a2332c92447b99ae4d8fa17441e9391ac05a4f38d3323 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11905 Malicious code in solara-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6d6e86743114e65716ebcc22493a5d16e0e807c0701cf4233fac1c9eb47f821a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11156 Malicious code in smtp2go (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1ee3777f995fe5a08e581e345e2f1b39a3c0a271203e9f97f6105bc1dafc3053 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11151 Malicious code in qvector (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5975444a31f5301f722c9369788bb65fb29585198a447b93f144bdf5b4672dd3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11137 Malicious code in distdiscord-v1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df4e3ffa3125383f7eefd22447c1d5f54c29993ca1aa53c9fa243ddd464e0c69 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11136 Malicious code in discord-json-requests (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f4e36715204598c156e07aa9b146c861f5481df2d94c91e92f85569f217fa4d1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11124 Malicious code in sol_web3_helper (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e1bc63c11f5b8fec0c212369623282a5e4185ff1541e90e8cbefc9f41bfb4b9e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11043 Malicious code in github-script (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 579cffb13e7eb93223fa1ec7f5e91bcf51a7d375df14a4a9034e19d859615bac Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11069 Malicious code in proton-vpn-browser-extension (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 79dc03424432718c42f9a66d516ba38f46e70a24459369a48aba07205b744ca5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11098 Malicious code in soybean-admin-tab (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 074138690c6a5d6116a3c95a8c03d5436314502580eb4f3858a6a4041b287e34 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11088 Malicious code in seller-webchat-service (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 24b68c2b24c603c8d9041a3cd7aeefed0ea836500df679a24bc061241fec376a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11050 Malicious code in listing-reporter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a4ea27f5a6df8c18c232526671a1de97c661c9a30766e9a72b8fd317bfb3804b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11030 Malicious code in bll-cerberus (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9e08f496a9d5a455fad139af738f3f152615e6fd7bdcbdf47a2b4bf5dafa5e2b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11086 Malicious code in seller-payment-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 709cb7e0744137d61c11a1e3ecc2767e8cd4b90456a6910d32816e8285dc6c54 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...