284 matches found
MAL-2025-66552 Malicious code in vite-plugin-postcss-tools (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4552bafe10098b91c4ce3128c885efb1c472d7f7c18b7bca5d2b174ed097e396 The package vite-plugin-postcss-tools was found to contain malicious code. Source: ghsa-malware...
Malicious code in react-router-dom.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a54a5d0a9e2cbf3435d04524f79602d94e2a8b49ce9bf676ef37f23e44f1c28c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-49021 Malicious code in minify-dead-code-elimination (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ae32f7c04b27629bde0236a0f5931b70208313af390161f1d6564c0022d9f39c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48784 Malicious code in vite-plugin-parsify (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 031b7573beae98422d50771f010df5ea83910b304700e644b2e5b8cb6111aa59 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in react-alerts-template-basic (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea74fdb0b572b194c03927e7ed2eb81658a849eb093b395f77d6b74db3b1d7ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48564 Malicious code in deviceconnect (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d6c1a3984e1cb71a8f8426b3963787a49a096ce770bcabde9e63ca51fa5007e8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48333 Malicious code in mad-1.2.5.2.2.8 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b2a7a2c9ba3ee455fb1327bbf9794e2ff26b21cee0dd6d1feef0cb6b3d57da55 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in mad-1.0.0.2.2.8. (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3a3660341162df2e49bb5407e0ca9b3bd7df2ef2e7aaf9c8cd43ac899b45d29b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in redirect-nq70u6 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 099d83c25e6a8662b90ff95da62e95d6118eb1d71b1ed785e186f69054ae7f66 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in com.unity.2d.spriteshape (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5338704c6d9ca480f0ecc214b07912ff6b325612a7335034d750a40bdaf5c4b3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47548 Malicious code in @sev-ui-verse/workflow-context (npm)
The package @sev-ui-verse/workflow-context was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b34fd25464abdc87cdcff95770eff1bf8f142ad5407a6487236fcc5c76f72f14 Any computer that has this package installed or running should be...
MAL-2025-47569 Malicious code in truelayer-service (npm)
The package truelayer-service was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc9900a38cc6f7543f01f0f226e5ac0ddf01b51bdc46b2e5da6caaf06ecc3155 Any computer that has this package installed or running should be considered fully...
MAL-2025-47553 Malicious code in envs-loader (npm)
The package envs-loader was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 94802ccdee601e77ff6361593b03ef5b414dec7eaeccd58d8ed6b2305886b27d Any computer that has this package installed or running should be considered fully...
MAL-2025-47251 Malicious code in @openzeppelin-compact/fungible-token (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c6a498e2883ed809f6b7d0b0fdd09f303aaf958af5a94634d835e001fdc4db78 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in sensay-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7cb7ee6c9001f05dabc23897e95ab73cf8e80b296c65d848d3d31fa9b2b592ec Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47337 Malicious code in oradm-to-sqlz (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8f66243d0593a930732578192edb0f5d084612a5f89bb86b9bb4aecef362a5aa Any computer that has this package installed or running should be considered fully compromised. All...
MAL-2025-47030 Malicious code in @google_cloud/projectify (npm)
The package @googlecloud/projectify was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 348dd9384a1e11bd9559bcdb3d4e2ef98ad16da2967df02ad4b6764b8d9ef2af Any computer that has this package installed or running should be considered ful...
Malicious code in tripactions (npm)
The package tripactions was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dd811dd81c5402b7511b48c5c95b3f347a050a63cc7c5a0bb9e5cdc47bace8a6 Any computer that has this package installed or running should be considered fully...
Malicious code in @team-event/team-event-amplitude-events (npm)
The package @team-event/team-event-amplitude-events was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fec4944bd01591db16329984b9a3301e3d76ea26f8ec3f5dc1a14807f9c11ff6 Any computer that has this package installed or running should b...
Malicious code in @liquid-web/common (npm)
The package @liquid-web/common was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2152309995aeb57c2d293acf6ebb54fdc8e47239ba56a4b742bd00743a7468a5 Any computer that has this package installed or running should be considered fully...