MAL-2025-140448 Malicious code in carpo-meteor-nconf-uninstall (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b30fcc6b4e7d9a41224029e4f0c88435e1ea06a37c80f6cfa58bde9de0959693 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-121404

Malicious code in terser-jsonp-version-uninstall npm...

EUVD-2025-123651

Malicious code in pipe-testcafe-oauth-uninstall npm...

EUVD-2025-114232

Malicious code in elara-hermes-octans-uninstall npm...

Malicious Package

Overview postmark-mcp is a malicious package. This is an MCP Model Context Protocol server intended to let AI assistants send emails via Postmark and it was reportedly modified to secretly exfiltrate email contents by adding a blind-copy BCC to an external domain. Note: If you have installed or...

Malicious code in link-radiometric-umbriel-uninstall (npm)

The package link-radiometric-umbriel-uninstall was found to contain malicious code...

Malicious code in magellan-halley-socketio-uninstall (npm)

The package magellan-halley-socketio-uninstall was found to contain malicious code...

MAL-2025-3083 Malicious code in servicecore-response-handler (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware efae7348c792464442a5508d7cd2907cd55c01835e4cc188b1e078b1b96beadc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in sf-intl-sn-prod (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bb4cc33212e001bc0af0440f49eb0c52cdc0ad223eba555c5cb2afaa9931e5c3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2668 Malicious code in elm-lang-http (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9d5eb3c2ea771ad8d786241ffd33fd3345d71c3a00d5aa6a053d81034de8ebd4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in telegram-bot-host (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7bfce13be8a817c4f8165b600702f49df73736a44741857d560aab26bfa00162 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10995 Malicious code in pmto (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cab6d5c183f9d9ae1caa6a140cfe73761fe0db12d3067e9e393fdfc86f89b1a9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-8665 Malicious code in @diotoborg/ullam-dignissimos-repudiandae (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f98218a920ef07fe61cbea667aa89a03f97274e5993222143dac9fd29704f347 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-7199 Malicious code in @zitterorg/esse-quae (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 50eec2d006ffc359b61460612d12be2fbff2a578b6ac6c1a087bb573a48cd1b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-1663 Malicious code in @elza/auto-route-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c0394416e392791c5f23be36b82f8800fa29bfd1381f8be67c7362338279c0d2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-1339 Malicious code in test-poc2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 70d622822e0356b992f815ba0a803ee7598a5ff51894216a53a95ac034ca1185 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-761 Malicious code in wlwz-2312-6506 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7aea22472e70a964e13cab36afaced4e3acd063cd17957600a0f42dc8183216d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-273 Malicious code in wlwz-2312-1104 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e9e66ba5fd493bc1e8698e5af37fff100b470a08e7185da4c274733a24380e3b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-8726 Malicious code in discord-sb-v13 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 66350475cf0f0b373fa6a00f509ac77b07c132e71ff813aad93097a9f92ee6ff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-8554 Malicious code in ory-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 10ee2bc9e167728f46f301228a2569bcd7eda2f19c27f24784dd4497cf1af3be Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...