Malicious code in @seo-frontend-components/card-blog-carousel (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1cfcc9a2754a9e96e7bfd7f7c78281a5016b48feeaa8c61f782bcab5dbe4ae8e The OpenSSF Package Analysis project identified '@seo-frontend-components/card-blog-carousel' @ 1.999.0 npm as malicious. It is considered...

Malicious code in webpack-cli-v4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6923a0b0ac00b6df0f50acbb796a23891fbe7d857f5f130a62b03f3a7cea9da8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in atlaskit-registry (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a82f51289bb90a9a96816fcf188b81cd24166b48cac9cc66d28af7e68e1acc1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @di-sdk/quickselect-wasm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fb4f93b792159c059a742b5ea3d59a8038b8e1be1103e430086184a2f3ca3090 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3169 Malicious code in @hyattcorp/design-tokens (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 58f37a41edefebdd744efb01380e035aad567082e7fa96361effc44e4e9f1b49 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in daos.fun (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6981bbd2419a973811f38b35a5dcf95ec496a17e132d0d95f86314cfb32cd914 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in byted-midas-render-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b801b5ca095df1e96b38bfc8f414ed583b82378f669eea2e6028157e2dbecc94 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2293 Malicious code in cfa-react-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis aac7ddc598f480a5c87bd28d65a6fc762b5c9ce46b72934eabe3760b49f11a36 The OpenSSF Package Analysis project identified 'cfa-react-components' @ 2.8.8 npm as malicious. It is considered malicious because: - The packa...

Malicious code in malwaretesting1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0dfabd3ff2ac6ca412b085988e3c2afdc4d44178dba2cfa134d851c159ccb7f3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in malwaretesting (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 08fe9939d1c2c8ae0ac8bf48c1a2f4e5fc02623d8012c4c6bbbb308f4d6f4200 The OpenSSF Package Analysis project identified 'malwaretesting' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

Malicious code in actions-project-version-check (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0dfacd7dc56f2f0ae2b911d6bd9b2b8d50e4273f1f28a014bf64dfa9fdb9ff3f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in linter-coffee-variables (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 292d0ff0a104c6e415fc2ea734ec189f699d6aecb4383502759e2053adddfb45 The OpenSSF Package Analysis project identified 'linter-coffee-variables' @ 1.0.0 npm as malicious. It is considered malicious because: - The...

Malicious code in lyft-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis dcdf3711c3a60bf5a37d61a0b61ff485f47ea89580e09542881d51f6192ff73d The OpenSSF Package Analysis project identified 'lyft-utils' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

Malicious code in lyft-admin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d38f448299b8cf08b4e9a13e97a9c14c62534e926734f9f7b65fd051eb22509c The OpenSSF Package Analysis project identified 'lyft-admin' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

Malicious code in iberia-checkout (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5a54db79a25a05a038514ad99f427a93d74f2a9b79fcf140647e71b8000e88be The OpenSSF Package Analysis project identified 'iberia-checkout' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

Malicious code in google-admin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1952eda028c50037c3fed98b8477d4d246352476b02989dc4f37d710842bd120 The OpenSSF Package Analysis project identified 'google-admin' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

Malicious code in powpeg (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 888651be4245ed94e8c3c538181c95691f87e394e03ebe7d425abd55a1f95749 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in tsanjint (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 51bc4162c9661fcf380821e0b575282ec5c1e6d7a6732cc427c637a581d909e1 The OpenSSF Package Analysis project identified 'tsanjint' @ 1.0.0 npm as malicious. It is considered malicious because: - The package executes...

Malicious code in @monkey-tilt/ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8ac39833535be0553f3d6a87a64286940b30b0fc55a5e1c80c907518b10053b8 The OpenSSF Package Analysis project identified '@monkey-tilt/ui' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

Malicious code in 000webhost-api-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 424a15d33d860d965471f624163b86c21f38af3ad003ddad4fc96749ff992245 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...