2 matches found
Malicious Package
Overview tokenlon-v5-subgraph is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...
MAL-2023-894 Malicious code in tokenlon-v5-subgraph (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dceb07244c9168376047cfb891dbdf3048a9003f143fe5e73fad62a14471057e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...