9 matches found
Malicious Package
Overview @aifabrix/miso-client is a malicious package. This package was affected by the 'GlassWorm' supply chain attack. It includes a hidden malicious payload embedded with invisible Unicode characters. These characters hide a decoder that retrieves and executes a concealed payload through eval...
Malicious code in @voiceflow/encryption (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13e58f7cdcdf3b87f5bbf111e42e13a1151626e495e15be73fc579109e397800 The package @voiceflow/encryption was found to contain malicious code. Source: ghsa-malware...
Malicious code in @voiceflow/natural-language-commander (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bcffcb39c546d02117506c26844a1fddcedc61f18cd934b27642817c62189437 The package @voiceflow/natural-language-commander was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191376 Malicious code in @voiceflow/storybook-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8dad09f9af7bcfdd86347fd6e8c490939feed1f44cb5632ca2098db24ddbe7b The package @voiceflow/storybook-config was found to contain malicious code. Source: google-open-source-security...
Malicious code in @oku-ui/motion-nuxt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f92b87caa59206174882fe75cd77964bc3f31b824958a07a22210e50eeb21ac9 The package @oku-ui/motion-nuxt was found to contain malicious code. Source: google-open-source-security...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Malicious code in @ctrl/qbittorrent (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af92aa639259dc9a287445d9fdbb2ec61beeb5adf71ff13a6e8f9bceb79971a2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...