2 matches found
EUVD-2025-29227
Malicious code in bioql PyPI...
CVE-2025-59143 [email protected] contains malware after npm account takeover
color is a Javascript color conversion and manipulation library. On 8 September 2025, the npm publishing account for color was taken over after a phishing attack. Version 5.0.1 was published, functionally identical to the previous patch version, but with a malware payload added attempting to...