Malicious code in verror-extra (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3a93fdd891eeff42ebf7abff1e7a6a00febbc8420ef4bef6c613ef250f4f3ca3 Any computer that has this package installed or running should be considered fully compromised. All...

MAL-2025-47360 Malicious code in verror-extra (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3a93fdd891eeff42ebf7abff1e7a6a00febbc8420ef4bef6c613ef250f4f3ca3 Any computer that has this package installed or running should be considered fully compromised. All...

@faltest/browser (>=7.0.1 <=7.0.4), @faltest/lifecycle (>=10.0.0 <=10.0.7) +1 more potentially affected by unknown CVE via verror-extra (=6.0.0)

verror-extra NPM version =6.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on verror-extra and may be impacted: - @faltest/browser =7.0.1, =10.0.0, =8.0.0, =8.0.7 Source cves: unknown CVE Source advisory: OSV:MAL-2025-47360...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...