2 matches found
Malicious Package
Overview @testcarrot/supply4 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2025-48099 Malicious code in @testcarrot/supply4 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 58c554af87914a43458082a747e4709d285f86a900c2c36e1f9d548a0281608e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...