51 matches found
Malicious Package
Overview @capibar.chat/ui-kit is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in @capibar.chat/ui-kit (npm)
Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...
Malicious Package
Overview kl-b2c-ui-kit is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in kl-b2c-ui-kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e32dd1450d1b5670388a4fbf71a7189cff326aa1c7734ee6ea1c89614438c516 The package kl-b2c-ui-kit was found to contain malicious code. Source: ghsa-malware c42673f7cabe65ad288149a7f75426fea7054327c8f73ac59d07e6b60a64b3db...
MAL-2026-3082 Malicious code in kl-b2c-ui-kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e32dd1450d1b5670388a4fbf71a7189cff326aa1c7734ee6ea1c89614438c516 The package kl-b2c-ui-kit was found to contain malicious code. Source: ghsa-malware c42673f7cabe65ad288149a7f75426fea7054327c8f73ac59d07e6b60a64b3db...
Malicious code in @lamoda/seller-ui-kit (npm)
Malicious package with preinstall script executing a file that gathers sensitive data and exfiltrates it to a suspicious domain. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dec0cd5c3b13d6c0355868de10ce8ebcf855a28254251280b38743e860217f98 The package...
MAL-2026-2588 Malicious code in @lamoda/seller-ui-kit (npm)
Malicious package with preinstall script executing a file that gathers sensitive data and exfiltrates it to a suspicious domain. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dec0cd5c3b13d6c0355868de10ce8ebcf855a28254251280b38743e860217f98 The package...
@atlassian/aui (>=9.3.22 <=10.0.0-M02), @charcoal-ui/icons (>=3.16.0 <=3.21.0) +115 more potentially affected by CVE-2025-15599 via dompurify (>=2.5.4 <=2.5.8)
dompurify NPM version =2.5.4, =9.3.22, =3.16.0, =3.0.0, =3.0.0, =0.0.0-canary-20240806060533, =0.0.0-canary-20240806060533, =0.0.0-canary-20240806060533, =0.0.0-canary-20240806060533, =0.0.0-canary-20240719153432, =0.0.0-fec-156-react19-20250116105607, =0.0.0-fec-156-react19-20250116105607,...
Malicious code in bve-react-ui-kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7129addcf662b66f1b9c3bccfef1b910ba7d7529205773a6ef69f5fcec9b9178 The package bve-react-ui-kit was found to contain malicious code. Source: ghsa-malware e12ba9c2363df47acb928246ccbbfedb85b5cbfb0f433286818034daf65dfd...
EUVD-2026-3084
Malicious code in bve-react-ui-kit npm...
MAL-2026-271 Malicious code in bve-react-ui-kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7129addcf662b66f1b9c3bccfef1b910ba7d7529205773a6ef69f5fcec9b9178 The package bve-react-ui-kit was found to contain malicious code. Source: ghsa-malware e12ba9c2363df47acb928246ccbbfedb85b5cbfb0f433286818034daf65dfd...
Malicious Package
Overview e-voting-libraries-ui-kit is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious code in curve-ui-kit-security-notice (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0fb2012407c0ff7c7e2c1a915c8ad608d1b47a31f725b9a9e68d652ad55bfcc8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2025-34528
Malicious code in curve-ui-kit-security-notice npm...
MAL-2025-48420 Malicious code in curve-ui-kit-security-notice (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0fb2012407c0ff7c7e2c1a915c8ad608d1b47a31f725b9a9e68d652ad55bfcc8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview @my-pvz/ui-kit is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in @my-pvz/ui-kit (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6cdc756704726b9cfb66ba52746b5d42a7b6f8742370a8bf409a664879607281 Any computer that has this package installed or running should be considered...
MAL-2025-47839 Malicious code in @my-pvz/ui-kit (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6cdc756704726b9cfb66ba52746b5d42a7b6f8742370a8bf409a664879607281 Any computer that has this package installed or running should be considered...
MAL-2025-47393 Malicious code in bsd-form-ui-kit (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in sk-ui-kit (npm)
The package sk-ui-kit was found to contain malicious code...