MAL-2026-5073 Malicious code in midoss (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 73bce73a188c2742f2c66ec85906c0bea50468d8c606fd6d38d4ea5698119007 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @service-suppliers/fetch-suppliers-watcher-saga (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 74317c1ce2d301970954a3b87d59143188bf88c4f822ea2eba15c88db25cd5f5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in skndkjasndkjan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1db684638c7c4cc14bc030fa38952c5a81da5ae4fbfc4d8a7279f52096db4299 The package skndkjasndkjan was found to contain malicious code. Source: ghsa-malware b3faa645d3b9d269340718ff8ee7b86fa018985ce3748a7619a156fbec8fce44...

Malicious code in okijuh (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 601f49f065c65d113d5beac44277d35b15635f0d41817602602e01e963f96cdd The package okijuh was found to contain malicious code. Source: ghsa-malware f603bf2cf39f78f0445aa4f08f0f6432c7b6cc9358b44c0946de293a8e956865 Any...

Malicious code in stringify-bytes32 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4369c15f1dad991e9ececa49c5f3944e2b59ae8c42fa6d11366c1bb8d723de69 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in bridge-transaction-parser-hop400 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6c4d626a3e8ed70bfec2b959fdb25cd9fb0ce41efa9e9be1d82a5ce85531ec40 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @diotoborg/sapiente-alias-omnis (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 98848f887303b1ae4b29e79f7b73f720e9b8f04002532a66947d12ec4625a6e1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in monday-integration-github (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 15bd6b9b0873788f19b25b44217af9e4cb682eecb4e79430a8c4b0eeeac7769e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in tazata (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 552f48afad61f9a60ae3af67a8a2bf6a43991fb4aafd6fde9e01c86de276d91e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...