Skip to content
supplychainattack.orgSupply chain attack incident catalog

Compromised package incidents

285 confirmed incidents involving the compromised-package technique.

  1. activecritical

    Malware in ecto-spirit-win-k4n8

    Malware discovered in the npm package ecto-spirit-win-k4n8. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  2. activecritical

    Malware in ecto-flag-read-m7p2

    The npm package ecto-flag-read-m7p2 contains malware that grants full system compromise to an outside entity. Any computer with this package installed or running should be considered fully compromised.

    npmCompromised package
  3. containedcritical

    Malware in ecto-spectral-leak-8d4e2

    Malware was discovered in the npm package ecto-spectral-leak-8d4e2. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  4. activecritical

    Malware in ecto-win-flag-q2m7

    Malware discovered in the npm package ecto-win-flag-q2m7. Systems with this package installed are considered fully compromised and may have given outside entities complete control.

    npmCompromised package
  5. containedcritical

    Malware in sea-bound-siren

    The npm package sea-bound-siren contained malware that fully compromised any system where it was installed or running. The package has been identified and removed from distribution.

    npmCompromised package
  6. activecritical

    Malware in ecto-corsair-flag-x9m4

    Malware discovered in the npm package ecto-corsair-flag-x9m4. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  7. activecritical

    Malware in web-dotenv

    Malware discovered in the npm package web-dotenv. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  8. activecritical

    Malware in chai-web3-testkit

    Malware was discovered in the npm package chai-web3-testkit. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  9. activecritical

    Malware in ecto-rust-read-f3a9c1

    Malware was discovered in the npm package ecto-rust-read-f3a9c1. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  10. activecritical

    Malware in ecto-nightly-spirit

    The npm package ecto-nightly-spirit contains malware that grants full system compromise to an outside entity. Any computer with this package installed or running should be considered fully compromised.

    npmCompromised package
  11. activecritical

    Malware in ecto-corsair-whisper-6f3b9

    Malware discovered in the npm package ecto-corsair-whisper-6f3b9. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  12. containedcritical

    Malware in coral-wraith

    Malware was discovered in the npm package coral-wraith. Systems with the package installed or running should be considered fully compromised and require immediate remediation.

    npmCompromised package
  13. resolvedcritical

    Malware in @malwguy/ecto-corsair-whisper-3d2a7c

    The npm package @malwguy/ecto-corsair-whisper-3d2a7c contains malware that grants full system compromise to an outside entity. Any computer with this package installed or running should be considered fully compromised.

    npmCompromised package
  14. containedcritical

    Malware in vite-react-toolkit

    The npm package vite-react-toolkit contained malware that provided full system compromise to attackers. Any computer with this package installed should be considered fully compromised and all secrets and keys rotated immediately from a different machine.

    npmCompromised package
  15. activecritical

    Malware in transportator

    The npm package transportator contains malware that grants full system compromise to attackers. Any computer with this package installed or running should be considered fully compromised and all secrets and keys rotated immediately from a different machine.

    npmCompromised package
  16. containedcritical

    Malware in rsflows-pexml

    Malware was discovered in the npm package rsflows-pexml, resulting in full system compromise for any computer with the package installed or running. The package should be removed and all secrets and keys rotated from a different computer.

    npmCompromised package
  17. containedcritical

    Malware in paypal-payouts-bridge

    Malware was discovered in the npm package paypal-payouts-bridge. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  18. containedcritical

    Malware in apple-mycelium-fix

    Malware was discovered in the npm package apple-mycelium-fix. Systems with this package installed or running should be considered fully compromised, with all secrets and keys requiring immediate rotation from a different computer.

    npmCompromised package
  19. containedcritical

    Malware in tw-fluid-type

    Malware was discovered in the npm package tw-fluid-type. Systems with this package installed or running are considered fully compromised and require immediate remediation.

    npmCompromised package
  20. activecritical

    Malware in typeorm-encrypt

    Malware discovered in the npm package typeorm-encrypt. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  21. containedcritical

    Malware in sass-formats

    Malware was discovered in the npm package sass-formats. The package is considered to provide full system compromise to any computer where it is installed or running.

    npmCompromised package
  22. activecritical

    Malware in forge-jsxy

    The npm package forge-jsxy contains malware that grants full system compromise to attackers. Any computer with this package installed or running should be considered fully compromised.

    npmCompromised package
  23. resolvedcritical

    Malware in downlynpm

    The npm package downlynpm contained malware that provided full system compromise to attackers. Any computer with this package installed should be considered fully compromised and all secrets and keys rotated immediately.

    npmCompromised package
  24. containedcritical

    Malware in @web-3d-tool/sdk

    Malware was discovered in the npm package @web-3d-tool/sdk, resulting in full system compromise for any computer with the package installed or running. The advisory recommends immediate removal of the package and rotation of all secrets and keys from a different computer.

    npmCompromised package
  25. containedcritical

    Malware in @visma-net-platform/module-navigator

    Malware was discovered in the npm package @visma-net-platform/module-navigator. Any computer with this package installed or running should be considered fully compromised. All secrets and keys must be rotated immediately from a different computer.

    npmCompromised package
  26. activecritical

    Malware in @integrations-center/utils

    Malware discovered in the npm package @integrations-center/utils. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  27. containedcritical

    Malware in @ntnx/nx-react-components

    Malware was discovered in the npm package @ntnx/nx-react-components. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  28. containedcritical

    Malware in @marketplace-shared/components

    Malware was discovered in the npm package @marketplace-shared/components. Any computer with this package installed or running should be considered fully compromised.

    npmCompromised package
  29. activecritical

    Malware in @hatcha-captcha/core

    Malware discovered in the npm package @hatcha-captcha/core. Systems with this package installed are considered fully compromised with potential for complete system takeover.

    npmCompromised package
  30. activecritical

    Malware in @iobeya/spa-auth

    Malware discovered in the npm package @iobeya/spa-auth. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  31. containedcritical

    Malware in experian-analytics-components

    Malware was discovered in the npm package experian-analytics-components. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  32. containedcritical

    Malware in fed-callnative

    Malware was discovered in the npm package fed-callnative. Systems with this package installed or running should be considered fully compromised, with all secrets and keys requiring immediate rotation from a different computer.

    npmCompromised package
  33. containedcritical

    Malware in theta-sdk

    The npm package theta-sdk was compromised and distributed with malware. Any system with the package installed or running should be considered fully compromised.

    npmCompromised package
  34. containedcritical

    Malware in sensivity

    The npm package sensivity was found to contain malware that grants full system compromise to attackers. Any computer with this package installed should be considered fully compromised and all secrets and keys rotated immediately from a different machine.

    npmCompromised package
  35. containedcritical

    Malware in vqlxjmpr

    The npm package vqlxjmpr contains malware that grants full system compromise to an outside entity. Any computer with this package installed or running should be considered fully compromised and all secrets and keys should be rotated immediately from a different computer.

    npmCompromised package
  36. resolvedcritical

    Malware in @tenforce/toolbox-fontmap

    Malware was discovered in the npm package @tenforce/toolbox-fontmap, resulting in full system compromise for any computer with the package installed or running. The advisory recommends immediate removal of the package and rotation of all secrets and keys from a different computer.

    npmCompromised package
  37. resolvedcritical

    Malware in @snowsight/debug-tooling

    The npm package @snowsight/debug-tooling contained malware that provided full system compromise to attackers. Any computer with this package installed or running should be considered fully compromised.

    npmCompromised package
  38. containedcritical

    Malware in tailwind-dark-mode-kit

    Malware was discovered in the npm package tailwind-dark-mode-kit. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  39. activecritical

    Malware in ioredis-typed

    Malware discovered in the npm package ioredis-typed. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  40. activecritical

    Malware in ioredis-orm

    Malware was discovered in the npm package ioredis-orm. Systems with this package installed or running should be considered fully compromised, requiring immediate rotation of all secrets and keys from a separate, uncompromised system.

    npmCompromised package
  41. activecritical

    Malware in forge-jsx2

    Malware discovered in the npm package forge-jsx2. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  42. resolvedcritical

    Malware in @johntaohunter/forge-jsx

    Malware was discovered in the npm package @johntaohunter/forge-jsx. Any computer with this package installed or running should be considered fully compromised, requiring immediate rotation of all secrets and keys from a different system.

    npmCompromised package
  43. containedcritical

    Malware in ozonex-sdk

    Malware was discovered in the npm package ozonex-sdk. Systems with this package installed or running are considered fully compromised and require immediate remediation.

    npmCompromised package
  44. containedcritical

    Malware in ozone-sdk

    Malware was discovered in the npm package ozone-sdk, resulting in full system compromise for any installation. The package should be removed immediately and all secrets and keys rotated from a different computer.

    npmCompromised package
  45. containedcritical

    Malware in archetype-style

    The npm package archetype-style was found to contain malware, resulting in full system compromise of any computer with the package installed or running. GitHub Security Advisory GHSA-m9f5-cp7r-48pm documents the incident.

    npmCompromised package
  46. containedcritical

    Malware in emittery_styled

    The npm package emittery_styled was found to contain malware, potentially giving attackers full control of affected systems. Any computer with this package installed should be considered fully compromised and all secrets and keys rotated immediately from a different machine.

    npmCompromised package
  47. resolvedcritical

    Malware in mm-ts-utils-client

    Malware was discovered in the npm package mm-ts-utils-client. Systems with this package installed or running should be considered fully compromised, requiring immediate rotation of all secrets and keys from a different computer.

    npmCompromised package
  48. containedcritical

    Malware in pui-diagnostics

    Malware was discovered in the npm package pui-diagnostics. Systems with this package installed or running should be considered fully compromised and require immediate remediation.

    npmCompromised package
  49. containedcritical

    Malware in @coterie-baby/common

    Malware was discovered in the npm package @coterie-baby/common. Systems with this package installed or running should be considered fully compromised, with all secrets and keys requiring immediate rotation from a different computer.

    npmCompromised package
  50. activecritical

    Malware in sitecore-mm-component-style

    Malware discovered in the npm package sitecore-mm-component-style. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  51. activecritical

    Malware in @trackking/core

    Malware discovered in the npm package @trackking/core. Any computer with this package installed or running should be considered fully compromised. All secrets and keys must be rotated immediately from a different computer.

    npmCompromised package
  52. containedcritical

    Malware in @serviceshub/x-web-core

    Malware was discovered in the npm package @serviceshub/x-web-core. Any computer with this package installed or running should be considered fully compromised. All secrets and keys must be rotated immediately from a different computer.

    npmCompromised package
  53. containedcritical

    Malware in @ngt-frontend/widgets-core

    Malware was discovered in the npm package @ngt-frontend/widgets-core. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  54. activecritical

    Malware in @vivaux/telemetry

    Malware was discovered in the npm package @vivaux/telemetry. Systems with this package installed or running are considered fully compromised and require immediate remediation.

    npmCompromised package
  55. activecritical

    Malware in @tribe-digital/shopify-starter-theme

    Malware was discovered in the npm package @tribe-digital/shopify-starter-theme. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  56. containedcritical

    Malware in @vtmn-play/react

    Malware was discovered in the npm package @vtmn-play/react. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  57. containedcritical

    Malware in @sazka/web

    The npm package @sazka/web contained malware that could fully compromise any system where it was installed or running. The advisory recommends treating affected systems as fully compromised and rotating all secrets and keys from a different computer.

    npmCompromised package
  58. resolvedcritical

    Malware in zatzdbai

    The npm package zatzdbai contained malware that provided full system compromise to attackers. Any computer with this package installed or running should be considered fully compromised.

    npmCompromised package
  59. containedcritical

    Malware in hex-type

    The npm package hex-type was found to contain malware, resulting in full system compromise of any computer with the package installed or running. GitHub Security Advisory GHSA-jc42-pxfc-29x3 was published on 2026-06-11.

    npmCompromised package
  60. containedcritical

    Malware in tailwindcss-animatics

    Malware was discovered in the npm package tailwindcss-animatics. Systems with this package installed or running should be considered fully compromised. All secrets and keys must be rotated from a different computer.

    npmCompromised package
  61. containedcritical

    Malware in tailwindcss-merge

    Malware was discovered in the npm package tailwindcss-merge, potentially compromising any system with the package installed. The advisory recommends treating affected systems as fully compromised and rotating all secrets and keys from a clean machine.

    npmCompromised package
  62. resolvedcritical

    Malware in crypto-javascript

    Malware was discovered in the npm package crypto-javascript. Systems with this package installed or running should be considered fully compromised, with all secrets and keys requiring immediate rotation from a different computer.

    npmCompromised package
  63. containedcritical

    Malware in rate-limits-flexible

    The npm package rate-limits-flexible was found to contain malware, potentially giving attackers full control of affected systems. Any computer with this package installed or running should be considered fully compromised.

    npmCompromised package
  64. containedcritical

    Malware in rate-limit-flexible

    Malware was discovered in the npm package rate-limit-flexible. Any computer with this package installed or running should be considered fully compromised. All secrets and keys must be rotated immediately from a different computer.

    npmCompromised package
  65. containedcritical

    Malware in sass-format

    The npm package sass-format was compromised and distributed with malware. Any system with the package installed or running should be considered fully compromised.

    npmCompromised package
  66. containedcritical

    Malware in tailwindcss-animotion

    Malware was discovered in the npm package tailwindcss-animotion. The package grants full system compromise to attackers, requiring immediate removal and credential rotation from unaffected systems.

    npmCompromised package
  67. containedcritical

    Malware in clsx-tailwind

    Malware was discovered in the npm package clsx-tailwind. Systems with this package installed are considered fully compromised and require immediate remediation including secret rotation and package removal.

    npmCompromised package
  68. activecritical

    Malware in tailwindcss-animates-kit

    Malware discovered in the npm package tailwindcss-animates-kit. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  69. containedcritical

    Malware in swagger-express-routes

    Malware was discovered in the npm package swagger-express-routes. Systems with this package installed or running should be considered fully compromised, requiring immediate rotation of all secrets and keys from a clean system.

    npmCompromised package
  70. containedcritical

    Malware in routing-controls

    The npm package routing-controls was compromised and distributed with malware. Any system with the package installed or running should be considered fully compromised.

    npmCompromised package
  71. activecritical

    Malware in react-photo-views

    Malware was discovered in the npm package react-photo-views. Systems with this package installed or running are considered fully compromised and require immediate remediation.

    npmCompromised package
  72. activecritical

    Malware in justgetit

    The npm package justgetit contains malware that grants full system compromise to attackers. Any computer with this package installed or running should be considered fully compromised and all secrets and keys should be rotated immediately from a different computer.

    npmCompromised package
  73. containedcritical

    Malware in @common-stack/generate-plugin

    Malware was distributed via the npm package @common-stack/generate-plugin. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  74. activecritical

    Malware in google-cloud-secret-manager-config-poc

    Malware was discovered in the npm package google-cloud-secret-manager-config-poc. Systems with this package installed should be considered fully compromised and require immediate remediation.

    npmCompromised package
  75. containedcritical

    Malware in polymarket-clob-api

    Malware was discovered in the npm package polymarket-clob-api, resulting in full system compromise for any computer with the package installed or running. All secrets and keys on affected systems should be rotated immediately from a different computer.

    npmCompromised package
  76. containedcritical

    Malware in xnder-sdk

    Malware was discovered in the npm package xnder-sdk, resulting in full system compromise for any installation. The package should be removed immediately and all secrets and keys rotated from a different computer.

    npmCompromised package
  77. activecritical

    Malware in @easytipsportal/node-helper

    Malware discovered in the npm package @easytipsportal/node-helper. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  78. activecritical

    Malware in @solana-launchpad/sdk

    Malware discovered in the npm package @solana-launchpad/sdk. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  79. containedcritical

    Malware in coinbase-wallet-utils

    Malware was discovered in the npm package coinbase-wallet-utils. Systems with this package installed are considered fully compromised and require immediate remediation including secret rotation and package removal.

    npmCompromised package
  80. resolvedcritical

    Malware in argoncrypt

    The npm package argoncrypt was found to contain malware, resulting in full system compromise of any computer with the package installed or running. All secrets and keys on affected systems should be rotated immediately from a different computer.

    npmCompromised package
  81. containedcritical

    Malware in crypto-promise-js

    Malware was distributed via the npm package crypto-promise-js. Systems with this package installed or running should be considered fully compromised, with all secrets and keys requiring immediate rotation from a different computer.

    npmCompromised package
  82. containedcritical

    Malware in crypto-hash-sdk

    Malware was discovered in the npm package crypto-hash-sdk. Systems with this package installed or running are considered fully compromised, with potential for complete system takeover.

    npmCompromised package
  83. containedcritical

    Malware in @validate-ethereum-address/core

    The npm package @validate-ethereum-address/core was found to contain malware, potentially giving attackers full control of affected systems. Any computer with this package installed should be considered fully compromised.

    npmCompromised package
  84. activecritical

    Malware in @validator-sdk/pubkey

    Malware discovered in the npm package @validator-sdk/pubkey. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  85. containedcritical

    Malware in graphbase-js

    Malware was discovered in the npm package graphbase-js. Systems with the package installed or running are considered fully compromised and require immediate remediation.

    npmCompromised package
  86. activecritical

    Malware in ethers-jss

    Malware discovered in the npm package ethers-jss. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  87. activecritical

    Malware in @validate-sdk/v2

    The npm package @validate-sdk/v2 contains malware that grants full system compromise to an outside entity. Any computer with this package installed or running should be considered fully compromised.

    npmCompromised package
  88. activecritical

    Malware in @meme-sdk/trade

    Malware discovered in the npm package @meme-sdk/trade. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  89. activecritical

    Malware in get-deps-path

    The npm package get-deps-path contains malware that grants full system compromise to attackers. Any computer with this package installed or running should be considered fully compromised.

    npmCompromised package
  90. activecritical

    Malware in @easytipsportal/pos-adapters

    Malware discovered in the npm package @easytipsportal/pos-adapters. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  91. activecritical

    Malware in csc154-internall-depend

    Malware discovered in the npm package csc154-internall-depend. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  92. containedcritical

    Malware in prettier-sdk

    Malware was discovered in the npm package prettier-sdk, resulting in full system compromise for any installation. The package grants outside entities complete control of affected systems.

    npmCompromised package
  93. activecritical

    Malware in tailwind-animator

    Malware discovered in the npm package tailwind-animator. Systems with this package installed or running are considered fully compromised and require immediate remediation.

    npmCompromised package
  94. activecritical

    Malware in martinez-polygon-clipping-tony

    Malware discovered in the npm package martinez-polygon-clipping-tony. The package grants full system compromise to attackers and should be considered a critical threat to any system where it is installed or running.

    npmCompromised package
  95. activecritical

    Malware in use-context-selector-tony

    The npm package use-context-selector-tony contains malware that grants full system compromise to attackers. Any computer with this package installed should be considered fully compromised and all secrets and keys should be rotated immediately from a different machine.

    npmCompromised package
  96. activecritical

    Malware in python-utils

    The npm package python-utils was compromised and distributed with malware. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  97. containedcritical

    Malware in solc-abi

    Malware was discovered in the npm package solc-abi, affecting any system with the package installed. The compromise is considered critical, with full system compromise possible.

    npmCompromised package
  98. containedcritical

    Malware in solc-compiler

    The npm package solc-compiler was found to contain malware. Any system with this package installed or running should be considered fully compromised, requiring immediate rotation of all secrets and keys from a different computer.

    npmCompromised package
  99. activecritical

    Malware in npmjs_web3-util

    Malware discovered in the npm package web3-util. Systems with this package installed are considered fully compromised and require immediate remediation including secret rotation and package removal.

    npmCompromised package
  100. containedcritical

    Malware in npmjs_solc-helper

    The npm package npmjs_solc-helper contained malware, potentially granting full system compromise to attackers. Any system with this package installed should be considered fully compromised and all secrets and keys rotated immediately from a different computer.

    npmCompromised package
  101. containedcritical

    Malware in ethers-wordlist

    Malware was discovered in the npm package ethers-wordlist. Systems with this package installed are considered fully compromised and require immediate remediation including key rotation and package removal.

    npmCompromised package
  102. containedcritical

    Malware in npmjs_truffle-helper

    Malware was discovered in the npm package npmjs_truffle-helper. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  103. containedcritical

    Malware in npmjs_ethers-common

    Malware was discovered in the npm package ethers-common. Systems with this package installed are considered fully compromised and require immediate remediation including secret rotation and package removal.

    npmCompromised package
  104. containedcritical

    Malware in anaylze-json

    Malware was discovered in the npm package anaylze-json. Systems with this package installed or running should be considered fully compromised and require immediate remediation.

    npmCompromised package
  105. activecritical

    Malware in plugin-fastify

    Malware discovered in the npm package plugin-fastify. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  106. resolvedcritical

    Malware in devkitx

    The npm package devkitx contained malware that provided full system compromise to attackers. Any computer with the package installed or running should be considered fully compromised.

    npmCompromised package
  107. activecritical

    Malware in solidity-abi

    Malware discovered in the npm package solidity-abi. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  108. containedcritical

    Malware in npmjs_hardhat-common

    Malware was distributed via the npmjs_hardhat-common package on npm. Any computer with this package installed should be considered fully compromised.

    npmCompromised package
  109. containedcritical

    Malware in security-env-loader

    The npm package security-env-loader contained malware that could fully compromise any system where it was installed or executed. All secrets and keys on affected systems should be rotated immediately from a different computer.

    npmCompromised package
  110. containedcritical

    Malware in @builder.io/dev-tools

    Malware was discovered in the npm package @builder.io/dev-tools, resulting in full system compromise for any computer with the package installed or running. All secrets and keys on affected systems should be rotated immediately from a different computer.

    npmCompromised package
  111. containedcritical

    Malware in auth0-templates-scripts-utils

    Malware was discovered in the npm package auth0-templates-scripts-utils. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  112. containedcritical

    Malware in auth0-templates-scripts

    Malware was discovered in the npm package auth0-templates-scripts. Systems with this package installed or running should be considered fully compromised, with all secrets and keys requiring immediate rotation from a different computer.

    npmCompromised package
  113. activecritical

    Malware in npmjs_web3-common

    Malware was discovered in the npm package web3-common. Systems with this package installed are considered fully compromised and require immediate remediation including secret rotation and package removal.

    npmCompromised package
  114. containedcritical

    Malware in nw-demo-utils

    Malware was discovered in the npm package nw-demo-utils. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  115. containedcritical

    Malware in react-tracked-tony

    Malware was discovered in the npm package react-tracked-tony. Systems with this package installed or running should be considered fully compromised, with all secrets and keys requiring immediate rotation from a different computer.

    npmCompromised package
  116. activecritical

    Malware in martinez-polygon-clipping-simul-dalton

    The npm package martinez-polygon-clipping-simul-dalton contains malware that grants full system compromise to attackers. Any computer with this package installed should be considered fully compromised and all secrets and keys rotated immediately from a different machine.

    npmCompromised package
  117. resolvedcritical

    Malware in nw-demo

    The npm package nw-demo contained malware that could fully compromise any system where it was installed or executed. GitHub Security Advisory GHSA-hmxw-6c9h-v2h2 was published on 2026-06-10 to alert users of the threat.

    npmCompromised package
  118. activecritical

    Malware in xnder-wrapper-module

    Malware discovered in the npm package xnder-wrapper-module. Systems with this package installed or running are considered fully compromised, with potential for complete system takeover.

    npmCompromised package
  119. activecritical

    Malware in progerss-cli

    Malware discovered in the npm package progerss-cli. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  120. containedcritical

    Malware in ui-weave

    Malware was discovered in the npm package ui-weave, resulting in full system compromise of any computer with the package installed or running. All secrets and keys on affected systems should be rotated immediately from a different computer.

    npmCompromised package
  121. containedcritical

    Malware in @doaction/http

    Malware was discovered in the npm package @doaction/http. Systems with this package installed or running are considered fully compromised, with potential for complete system takeover.

    npmCompromised package
  122. containedcritical

    Malware in @doaction/shared

    Malware was discovered in the npm package @doaction/shared. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  123. containedcritical

    Malware in void-ulid

    Malware was discovered in the npm package void-ulid, resulting in full system compromise for any computer with the package installed or running. All affected systems should be considered fully compromised and all secrets and keys rotated immediately from a different computer.

    npmCompromised package
  124. activecritical

    Malware in path-extend

    The npm package path-extend contains malware that grants full system compromise to attackers. Any computer with this package installed or running should be considered fully compromised and all secrets and keys should be rotated immediately from a different computer.

    npmCompromised package
  125. containedcritical

    Malware in comos-sdk

    Malware was discovered in the npm package comos-sdk, resulting in full system compromise for any installation. The package should be removed and all secrets and keys rotated from a clean system.

    npmCompromised package
  126. containedcritical

    Malware in cookie-parser-legacy

    Malware was discovered in the npm package cookie-parser-legacy. Systems with this package installed are considered fully compromised and require immediate remediation including secret rotation and package removal.

    npmCompromised package
  127. containedcritical

    Malware in enquriers

    The npm package enquriers was found to contain malware, resulting in full system compromise of any computer with the package installed or running. All secrets and keys should be rotated immediately from a different computer, and the package should be removed.

    npmCompromised package
  128. containedcritical

    Malware in transacts

    The npm package transacts was found to contain malware, resulting in full system compromise of any computer with the package installed or running. All secrets and keys should be rotated immediately from a different computer, and the package should be removed.

    npmCompromised package
  129. activecritical

    Malware in kecak256

    The npm package kecak256 was compromised and contains malware. Any computer with this package installed or running should be considered fully compromised.

    npmCompromised package
  130. activecritical

    Malware in @doaction/wasm-loader

    Malware was discovered in the npm package @doaction/wasm-loader. Systems with this package installed or running are considered fully compromised, with potential for complete system takeover.

    npmCompromised package
  131. containedcritical

    Malware in xorma-js

    Malware was discovered in the npm package xorma-js, resulting in full system compromise of any computer with the package installed or running. All secrets and keys on affected systems should be rotated immediately from a different computer.

    npmCompromised package
  132. containedcritical

    Malware in @doaction/rrweb-sdk

    Malware was discovered in the npm package @doaction/rrweb-sdk. Systems with this package installed or running are considered fully compromised and may have given outside entities full control of the computer.

    npmCompromised package
  133. containedcritical

    Malware in @doaction/types

    Malware was discovered in the npm package @doaction/types. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  134. activecritical

    Malware in @doaction/signalhub

    Malware was discovered in the npm package @doaction/signalhub. Systems with this package installed or running should be considered fully compromised, with all secrets and keys requiring immediate rotation from a different computer.

    npmCompromised package
  135. containedcritical

    Malware in @doaction/systeminformation

    The npm package @doaction/systeminformation contained malware that grants full system compromise to attackers. Any computer with this package installed or running should be considered fully compromised.

    npmCompromised package
  136. activecritical

    Malware in @doaction/mapstore

    The npm package @doaction/mapstore contains malware that grants full control of affected systems. Any computer with this package installed or running should be considered fully compromised.

    npmCompromised package
  137. activecritical

    Malware in clsx-js

    Malware discovered in the npm package clsx-js. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  138. containedcritical

    Malware in @doaction/pay

    Malware was discovered in the npm package @doaction/pay. Systems with this package installed or running should be considered fully compromised and require immediate remediation.

    npmCompromised package
  139. containedcritical

    Malware in @doaction/examples

    Malware was discovered in the npm package @doaction/examples. Systems with this package installed or running should be considered fully compromised, with all secrets and keys requiring immediate rotation from a different computer.

    npmCompromised package
  140. containedcritical

    Malware in os-ulid-void

    The npm package os-ulid-void was found to contain malware, potentially providing full system compromise to attackers. Any computer with this package installed or running should be considered fully compromised.

    npmCompromised package
  141. activecritical

    Malware in @doaction/auth

    Malware discovered in the npm package @doaction/auth. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  142. activecritical

    Malware in @doaction/example

    The npm package @doaction/example contains malware that grants full control of affected systems to an outside entity. Any computer with this package installed or running should be considered fully compromised.

    npmCompromised package
  143. containedcritical

    Malware in @doaction/eventemitter

    Malware was discovered in the npm package @doaction/eventemitter. Systems with this package installed or running are considered fully compromised and require immediate remediation.

    npmCompromised package
  144. containedcritical

    Malware in buffer-utilities

    Malware was discovered in the npm package buffer-utilities, resulting in full system compromise for any installation. The package should be removed immediately and all secrets and keys rotated from a clean system.

    npmCompromised package
  145. containedcritical

    Malware in github-archiver

    The npm package github-archiver was found to contain malware. Systems with this package installed are considered fully compromised and require immediate remediation.

    npmCompromised package
  146. containedcritical

    Malware in dbmux

    Malware was discovered in the npm package dbmux. Any computer with this package installed or running should be considered fully compromised, requiring immediate rotation of all secrets and keys from a different system.

    npmCompromised package
  147. containedcritical

    Malware in @doaction/storage

    Malware was discovered in the npm package @doaction/storage. Systems with this package installed are considered fully compromised and require immediate remediation including credential rotation and package removal.

    npmCompromised package
  148. activecritical

    Malware in @doaction/sudo-prompt

    Malware was discovered in the npm package @doaction/sudo-prompt. Systems with this package installed or running are considered fully compromised and require immediate remediation.

    npmCompromised package
  149. containedcritical

    Malware in moustick

    Malware was discovered in the npm package moustick, resulting in full system compromise for any installation. The package should be removed immediately and all secrets and keys rotated from a different computer.

    npmCompromised package
  150. containedcritical

    Malware in nodemon-copack

    The npm package nodemon-copack contained malware that grants full system compromise to attackers. Any computer with this package installed or running should be considered fully compromised.

    npmCompromised package
  151. activecritical

    Malware in chai-mocks

    Malware discovered in the npm package chai-mocks. Systems with this package installed are considered fully compromised and require immediate remediation including secret rotation and package removal.

    npmCompromised package
  152. activecritical

    Malware in nodemon-lint

    The npm package nodemon-lint contains malware that grants full system compromise to attackers. Any computer with this package installed or running should be considered fully compromised and all secrets and keys rotated immediately from a different machine.

    npmCompromised package
  153. activecritical

    Malware in regexp-ts

    The npm package regexp-ts contains malware that provides full system compromise to attackers. Any computer with this package installed should be considered fully compromised and all secrets and keys rotated immediately from a different machine.

    npmCompromised package
  154. containedcritical

    Malware in classwind-utils

    Malware was discovered in the npm package classwind-utils. Systems with this package installed or running are considered fully compromised and require immediate remediation.

    npmCompromised package
  155. containedhigh

    New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

    Hackers compromised 19 science-focused packages on PyPI in a Shai-Hulud supply-chain attack. The trojanized packages were collectively downloaded hundreds of thousands of times and delivered malware designed to steal developer secrets.

    Shai-HuludPyPICompromised package
  156. activecritical

    The Hades Campaign: Graph ML PyPI Packages Deploy Cross-Platform Memory Scrapers, AI Analyst Misdirection, and a Wiper Deterrent

    On June 8, 2026, multiple Graph ML PyPI packages were compromised in the Hades campaign, deploying cross-platform memory scrapers, AI prompt injections for analyst misdirection, and token-revocation wipers. The attack targeted the bioinformatics ecosystem with sophisticated evasion techniques.

    HadesPyPICompromised package
  157. containedhigh

    Hola Browser for Windows compromised to deliver cryptominer

    The Windows version of Hola Browser was compromised in a supply chain attack that delivered an undeclared cryptocurrency miner executable to users. The compromise affected the browser's distribution or update mechanism.

    OtherCompromised packageUpdate-server compromise
  158. activehigh

    New IronWorm malware hits 36 packages in npm supply-chain attack

    A supply-chain attack infected 36 packages on npm with IronWorm infostealer malware. The attack compromised multiple packages in the Node Package Manager ecosystem, potentially affecting downstream users and applications.

    IronWormnpmCompromised package
  159. activecritical

    Miasma npm Supply Chain Attack: Self-Spreading Worm via Phantom Gyp

    A self-replicating worm named Miasma is spreading across the npm registry by injecting malicious code into binding.gyp files, which execute during npm install without requiring package.json script modifications. The attack has already compromised dozens of packages across multiple maintainer accounts and evades conventional security detection.

    MiasmanpmCompromised packageMalicious commit
  160. containedcritical

    Multiple redhat-cloud-services npm Packages compromised

    Multiple npm packages in the @redhat-cloud-services scope were compromised with malicious payloads. The attack used preinstall hooks to execute a multi-stage credential harvester targeting cloud and CI/CD platform secrets.

    MiasmanpmCompromised package
  161. activehigh

    Miasma: Supply Chain Attack Targeting RedHat npm Packages

    Miasma is a supply chain attack targeting RedHat npm packages, leveraging malicious npm packages based on the open-sourced Mini Shai-Hulud malware. Specific affected packages and versions were not disclosed in the available source text.

    Mini Shai HuludnpmCompromised package
  162. activecritical

    Shai-Hulud: Here We Go Again. Mass npm Supply Chain Attack Hits the AntV Ecosystem

    A new wave of the Mini Shai-Hulud worm has compromised multiple npm packages across Alibaba's AntV data visualization ecosystem, including echarts-for-react and timeago.js. Stolen CI/CD secrets are being exfiltrated and dumped to thousands of public GitHub repositories as the attack spreads.

    Mini Shai HuludnpmOtherCompromised packageAccount takeover
  163. resolvedhigh

    durabletask: TeamPCP's Latest PyPi Compromise

    Malicious versions of the PyPI package durabletask were published, attributed to the TeamPCP threat actor. The attack matches known TeamPCP tactics used in prior supply chain compromises.

    TeamPCPPyPICompromised package
  164. activecritical

    The Worm That Keeps on Digging: TeamPCP Hits @antv in Latest Wave

    TeamPCP conducted a multi-ecosystem supply chain compromise targeting the @antv package and associated development infrastructure. The attack leveraged GitHub, NPM, and VSCode to steal credentials and establish persistence mechanisms.

    TeamPCPnpmOtherAccount takeoverCompromised packageMalicious maintainer
  165. activecritical

    Active Supply Chain Attack: Malicious node-ipc Versions Published to npm

    StepSecurity identified multiple malicious releases of the popular node-ipc npm package containing an obfuscated payload designed to steal cloud credentials, SSH keys, and CI/CD secrets. The attack is ongoing and under active analysis.

    npmCompromised package
  166. containedcritical

    Microsoft's durabletask PyPI Package Compromised in Supply Chain Attack

    Three malicious versions of Microsoft's durabletask Python package were published to PyPI on May 19, 2026, containing a 28 KB payload that steals credentials from cloud providers (AWS, Azure, GCP), Kubernetes, password managers, and developer tools. The attack has been attributed to the TeamPCP threat group and exhibits indicators of Eastern European cybercrime operations.

    TeamPCPPyPICompromised package
  167. activehigh

    Mini Shai-Hulud Strikes Again: TanStack + more npm Packages Compromised

    A supply chain campaign called "Mini Shai-Hulud" has compromised multiple npm packages, including high-value TanStack developer tooling. The campaign appears to be an ongoing effort targeting critical npm infrastructure.

    Mini Shai HuludnpmCompromised package
  168. activecritical

    TeamPCP's Mini Shai-Hulud Is Back: A Self-Spreading Supply Chain Attack Compromises TanStack npm Packages

    The Mini Shai-Hulud worm is actively compromising legitimate npm packages by hijacking CI/CD pipelines and stealing developer secrets. The attack was first detected by StepSecurity in official @tanstack packages and is spreading across the npm ecosystem in real time.

    TeamPCPMini Shai HuludnpmOtherCompromised packageBuild-system compromise
  169. containedcritical

    TeamPCP Injects Two-Stage Credential Stealer into xinference PyPI Package

    The xinference package on PyPI was compromised with a two-stage credential stealer attributed to the TeamPCP threat actor. The malicious code was injected into the package, potentially affecting users who installed compromised versions.

    TeamPCPPyPICompromised packageMalicious maintainer
  170. activehigh

    A Mini Shai-Hulud Has Appeared: Obfuscated Bun Runtime Payloads Hit SAP-Related npm Packages

    StepSecurity identified an npm supply chain attack campaign targeting SAP-ecosystem packages using preinstall hooks to download and execute an obfuscated Bun runtime payload. At least two SAP-related npm packages have been confirmed compromised in this active campaign.

    Mini Shai HuludnpmCompromised package
  171. containedcritical

    Bitwarden CLI Hijacked on npm: Bun-Staged Credential Stealer Targets Developers, GitHub Actions, and AI Tools

    @bitwarden/cli@2026.4.0 was compromised on npm with a malicious preinstall hook that deployed an obfuscated credential stealer. The malware harvests developer secrets, GitHub Actions tokens, and AI tool configurations, exfiltrating encrypted data to a Checkmarx-impersonating domain.

    Shai-HuludTeamPCPnpmCompromised package
  172. activecritical

    Shai-Hulud Worm Pivots to Multi-Cloud: intercom-client@7.0.4 Hijacked — 361,000 Weekly Downloads, AWS, GCP, and Azure Credentials Now in Scope

    The Shai-Hulud worm has hijacked intercom-client@7.0.4 (361,510 weekly downloads) via a compromised GitHub Actions OIDC publishing pipeline, 29 hours after compromising mbt@1.2.48 and @cap-js/sqlite@2.2.2. The worm is actively propagating through CI/CD infrastructure stolen from earlier victims, targeting multi-cloud credentials (AWS, GCP, Azure).

    Shai-HuludnpmOtherCompromised packageBuild-system compromiseAccount takeover
  173. containedhigh

    lightning: Obfuscated JavaScript Credential Stealer Bundled in PyPI Wheel

    The lightning PyPI package versions 2.6.2 and 2.6.3 were compromised on April 30, 2026, containing obfuscated JavaScript code designed to steal credentials. The project's GitHub account showed signs of compromise, with suspicious responses closing vulnerability reports.

    Mini Shai HuludPyPICompromised packageMalicious maintainer
  174. activehigh

    Supply Chain Campaign Targets SAP npm Packages with Credential-Stealing Malware

    A supply chain campaign dubbed "Mini Shai Hulud" targeted SAP npm packages with malicious versions containing credential-stealing malware. The campaign follows patterns similar to previous Shai-Hulud attacks.

    Mini Shai HuludShai-HuludnpmCompromised packageMalicious commit
  175. containedhigh

    10 Layers Deep: How StepSecurity Stops TeamPCP's Trivy Supply Chain Attack on GitHub Actions

    TeamPCP compromised 76 Trivy version tags on GitHub Actions in an overnight attack, followed by a similar KICS compromise using the same methodology. The attacks targeted credential exfiltration through malicious GitHub Actions.

    TeamPCPOtherContainer registryCompromised packageAccount takeover
  176. containedhigh

    Cline Supply Chain Attack Detected: cline@2.3.0 Silently Installs OpenClaw

    Version 2.3.0 of the npm package cline was found to silently install OpenClaw, a malicious payload. The attack was detected and the incident is contained.

    npmCompromised package
  177. activecritical

    @velora-dex/sdk Compromised on npm: Malicious Version Drops macOS Backdoor via launchctl Persistence

    A malicious version of the @velora-dex/sdk npm package was published, delivering an architecture-aware macOS backdoor that activates on import with no visible indicators. The attack occurred at the registry level without repository commits or install hooks.

    npmCompromised package
  178. activecritical

    axios Compromised on npm - Malicious Versions Drop Remote Access Trojan

    A maintainer account for the widely-used axios npm package was compromised and used to publish poisoned versions 1.14.1 and 0.30.4. The malicious releases contained a hidden dependency that drops a cross-platform remote access trojan (RAT).

    UNC1069npmAccount takeoverCompromised package
  179. resolvedcritical

    Behind the Scenes: How StepSecurity Detected and Helped Remediate the Largest npm Supply Chain Attack

    StepSecurity detected a compromise of axios, described as the largest npm supply chain attack on a single package by download count. A state-sponsored threat actor is reported to have actively suppressed warnings by deleting GitHub issues. Detection occurred before public disclosure.

    UNC1069npmCompromised packageMalicious maintainer
  180. activecritical

    Malicious IoliteLabs VSCode Extensions Target Solidity Developers on Windows, macOS, and Linux with Backdoor

    Three IoliteLabs VSCode extensions (solidity-macos, solidity-windows, solidity-linux) containing obfuscated backdoors targeting Solidity and Web3 developers across Windows, macOS, and Linux. The backdoors download remote payloads and establish persistence mechanisms on infected systems.

    Container registryOtherCompromised packageMalicious maintainer
  181. containedcritical

    TeamPCP Plants WAV Steganography Credential Stealer in telnyx PyPI Package

    On March 27, 2026, TeamPCP injected a WAV steganography-based credential stealer into two releases of the telnyx Python SDK on PyPI. The group was identified by shared cryptographic signatures and exfiltration methods matching their earlier litellm compromise.

    TeamPCPPyPICompromised package
  182. containedcritical

    litellm: Credential Stealer Hidden in PyPI Wheel

    A critical supply chain compromise in litellm==1.82.8 on PyPI was identified on March 24, 2026. The malicious PyPI wheel contains a credential stealer hidden in a litellm_init.pth file that executes during package initialization.

    TeamPCPPyPICompromised package
  183. containedcritical

    Trivy Compromised: Everything You Need to Know about the Latest Supply Chain Attack

    On March 19, 2026, threat actors attributed to "TeamPCP" injected credential-stealing malware into Aqua Security's Trivy scanner and related GitHub Actions. The compromise affected the supply chain of a widely-used container security tool, potentially exposing credentials and secrets in CI/CD environments.

    TeamPCPContainer registryOtherCompromised packageMalicious commit
  184. containedcritical

    bittensor-wallet 4.0.2 Compromised on PyPI - Backdoor Exfiltrates Private Keys

    bittensor-wallet 4.0.2 was published to PyPI on March 17, 2026 with a backdoor that exfiltrates private keys. The compromised package remained available for approximately 48 hours before being yanked from the repository.

    PyPICompromised package
  185. containedhigh

    Malicious npm Releases Found in Popular React Native Packages - 130K+ Monthly Downloads Compromised

    Malicious releases were discovered in two popular React Native npm packages—react-native-international-phone-number and react-native-country-select—affecting packages with 130K+ monthly downloads combined. StepSecurity detected and reported the compromise on March 16, 2026, and immediately notified maintainers and the community.

    ForceMemonpmCompromised package
  186. activecritical

    Malware in utils-mf

    Malware in utils-mf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside e

    npmCompromised package
  187. activecritical

    Malware in react-ui-polyfills

    Malware in react-ui-polyfills Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an

    npmCompromised package
  188. activecritical

    Malware in ulid-os

    Malware in ulid-os Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside en

    npmCompromised package
  189. activecritical

    Malware in reactvora

    Malware in reactvora Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside

    npmCompromised package
  190. activecritical

    Malware in glyphr

    Malware in glyphr Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside ent

    npmCompromised package
  191. activecritical

    Malware in @jagreehal/workflow

    Malware in @jagreehal/workflow Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to a

    MiasmanpmCompromised package
  192. activecritical

    Malware in autotel-terminal

    Malware in autotel-terminal Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an o

    MiasmanpmCompromised package
  193. activecritical

    Withdrawn Advisory: Malware in supabase

    Withdrawn Advisory: Malware in supabase ### Withdrawn Advisory This advisory has been withdrawn because the malware detection was a false positive. This link is maintained to preserve external references. ### Original Description Any computer that has this package installed or running should be considered fully comprom

    npmCompromised package
  194. activecritical

    Malware in nodemon-pack

    Malware in nodemon-pack Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outsi

    npmCompromised package
  195. activecritical

    Malware in webpack-json

    Malware in webpack-json Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outsi

    npmCompromised package
  196. activecritical

    Malware in nodemon-webpatch

    Malware in nodemon-webpatch Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an o

    npmCompromised package
  197. activecritical

    Malware in chai-midpatch

    Malware in chai-midpatch Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outs

    npmCompromised package
  198. activecritical

    Malware in chai-parse

    Malware in chai-parse Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside

    npmCompromised package
  199. activecritical

    Malware in peertube-plugin-google-analytics-js

    Malware in peertube-plugin-google-analytics-js Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have

    npmCompromised package
  200. activecritical

    Malware in @redhat-cloud-services/hcc-feo-mcp

    Malware in @redhat-cloud-services/hcc-feo-mcp Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have

    MiasmanpmAI agents & skillsCompromised package
  201. activecritical

    Malware in @redhat-cloud-services/rule-components

    Malware in @redhat-cloud-services/rule-components Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may h

    MiasmanpmCompromised package
  202. activecritical

    Malware in @redhat-cloud-services/frontend-components

    Malware in @redhat-cloud-services/frontend-components Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer m

    MiasmanpmCompromised package
  203. activecritical

    Malware in @redhat-cloud-services/quickstarts-client

    Malware in @redhat-cloud-services/quickstarts-client Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer ma

    MiasmanpmCompromised package
  204. activecritical

    Malware in @redhat-cloud-services/topological-inventory-client

    Malware in @redhat-cloud-services/topological-inventory-client Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the c

    MiasmanpmCompromised package
  205. activecritical

    Malware in @redhat-cloud-services/rbac-client

    Malware in @redhat-cloud-services/rbac-client Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have

    MiasmanpmCompromised package
  206. activecritical

    Malware in @redhat-cloud-services/frontend-components-remediations

    Malware in @redhat-cloud-services/frontend-components-remediations Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of t

    MiasmanpmCompromised package
  207. activecritical

    Malware in @redhat-cloud-services/sources-client

    Malware in @redhat-cloud-services/sources-client Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may ha

    MiasmanpmCompromised package
  208. activecritical

    Malware in to-cms

    Malware in to-cms Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside ent

    npmCompromised package
  209. activecritical

    Malware in chainix

    Malware in chainix Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside en

    npmCompromised package
  210. activecritical

    Malware in chai-as-minted

    Malware in chai-as-minted Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an out

    npmCompromised package
  211. activecritical

    Malware in @tmecontinue/cli

    Malware in @tmecontinue/cli Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an o

    npmCompromised package
  212. activecritical

    Malware in collected-forms-embed-js

    Malware in collected-forms-embed-js Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given

    npmCompromised package
  213. activecritical

    Malware in cms-github

    Malware in cms-github Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside

    npmCompromised package
  214. activecritical

    Malware in cms-storehub

    Malware in cms-storehub Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outsi

    npmCompromised package
  215. activecritical

    Malware in cms-helpgit

    Malware in cms-helpgit Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outsid

    npmCompromised package
  216. activecritical

    Malware in jingmeideshishi

    Malware in jingmeideshishi Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an ou

    npmCompromised package
  217. activecritical

    Malware in @pcldpvkoewpogw/testhacker

    Malware in @pcldpvkoewpogw/testhacker Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been giv

    npmCompromised package
  218. activecritical

    Malware in @osamdefeirrighs/testhackfrrferrr

    Malware in @osamdefeirrighs/testhackfrrferrr Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have b

    npmCompromised package
  219. activecritical

    Malware in @ewfewfewf/testhackerrr

    Malware in @ewfewfewf/testhackerrr Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given

    npmCompromised package
  220. activecritical

    Malware in @redhat-cloud-services/eslint-config-redhat-cloud-services

    Malware in @redhat-cloud-services/eslint-config-redhat-cloud-services Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control o

    MiasmanpmCompromised package
  221. activecritical

    Malware in @redhat-cloud-services/types

    Malware in @redhat-cloud-services/types Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been g

    MiasmanpmCompromised package
  222. activecritical

    Malware in nemo-reporter

    Malware in nemo-reporter Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outs

    npmCompromised package
  223. activecritical

    Malware in motion-tool

    Malware in motion-tool Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outsid

    npmCompromised package
  224. activecritical

    Malware in loading-session

    Malware in loading-session Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an ou

    npmCompromised package
  225. activecritical

    Malware in @redhat-cloud-services/frontend-components-config

    Malware in @redhat-cloud-services/frontend-components-config Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the com

    MiasmanpmCompromised package
  226. activecritical

    Malware in randomlogs

    Malware in randomlogs Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside

    npmCompromised package
  227. activecritical

    Malware in @redhat-cloud-services/integrations-client

    Malware in @redhat-cloud-services/integrations-client Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer m

    MiasmanpmCompromised package
  228. activecritical

    Malware in @redhat-cloud-services/frontend-components-testing

    Malware in @redhat-cloud-services/frontend-components-testing Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the co

    MiasmanpmCompromised package
  229. activecritical

    Malware in xarc-webpack-cli

    Malware in xarc-webpack-cli Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an o

    npmCompromised package
  230. activecritical

    Malware in audit-logsss

    Malware in audit-logsss Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outsi

    npmCompromised package
  231. activecritical

    Malware in @tmecontinue/claude

    Malware in @tmecontinue/claude Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to a

    npmAI agents & skillsCompromised package
  232. activecritical

    Malware in @redhat-cloud-services/chrome

    Malware in @redhat-cloud-services/chrome Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been

    MiasmanpmCompromised package
  233. activecritical

    Malware in @redhat-cloud-services/frontend-components-config-utilities

    Malware in @redhat-cloud-services/frontend-components-config-utilities Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control

    MiasmanpmCompromised package
  234. activecritical

    Malware in @chat-template/auth

    Malware in @chat-template/auth Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to a

    npmCompromised package
  235. activecritical

    Malware in @redhat-cloud-services/entitlements-client

    Malware in @redhat-cloud-services/entitlements-client Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer m

    MiasmanpmCompromised package
  236. activecritical

    Malware in json-to-simple-graphql-schema

    Malware in json-to-simple-graphql-schema Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been

    npmCompromised package
  237. activecritical

    Malware in @antoncallahan/aws-user-helper

    Malware in @antoncallahan/aws-user-helper Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been

    npmCompromised package
  238. activecritical

    Malware in shopifyto-cms

    Malware in shopifyto-cms Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outs

    npmCompromised package
  239. activecritical

    Malware in @t-in-one/save_application_hid_to_storage

    Malware in @t-in-one/save_application_hid_to_storage Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer ma

    npmCompromised package
  240. activecritical

    Malware in @cloudplatform-single-spa/monitoring

    Malware in @cloudplatform-single-spa/monitoring Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may hav

    npmCompromised package
  241. activecritical

    Malware in @cloudplatform-single-spa/ssh-keys

    Malware in @cloudplatform-single-spa/ssh-keys Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have

    npmCompromised package
  242. activecritical

    Malware in @cloudplatform-single-spa/support

    Malware in @cloudplatform-single-spa/support Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have b

    npmCompromised package
  243. activecritical

    Malware in @cloudplatform-single-spa/svp-interfaces

    Malware in @cloudplatform-single-spa/svp-interfaces Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may

    npmCompromised package
  244. activecritical

    Malware in @cloudplatform-single-spa/datagrid

    Malware in @cloudplatform-single-spa/datagrid Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have

    npmCompromised package
  245. activecritical

    Malware in @cloudplatform-single-spa/ml-ai-agents-agent-system

    Malware in @cloudplatform-single-spa/ml-ai-agents-agent-system Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the c

    npmCompromised package
  246. activecritical

    Malware in @cloudplatform-single-spa/security-groups

    Malware in @cloudplatform-single-spa/security-groups Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer ma

    npmCompromised package
  247. activecritical

    Malware in @cloudplatform-single-spa/floating-ips

    Malware in @cloudplatform-single-spa/floating-ips Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may h

    npmCompromised package
  248. activecritical

    Malware in @t-in-one/add_application

    Malware in @t-in-one/add_application Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been give

    npmCompromised package
  249. activecritical

    Malware in @cloudplatform-single-spa/enterprise

    Malware in @cloudplatform-single-spa/enterprise Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may hav

    npmCompromised package
  250. activecritical

    Malware in @cloudplatform-single-spa/base-static-page

    Malware in @cloudplatform-single-spa/base-static-page Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer m

    npmCompromised package
  251. activecritical

    Malware in @cloudplatform-single-spa/dataplatform

    Malware in @cloudplatform-single-spa/dataplatform Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may h

    npmCompromised package
  252. activecritical

    Malware in @t-in-one/prefill_bundle_data_token

    Malware in @t-in-one/prefill_bundle_data_token Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have

    npmCompromised package
  253. activecritical

    Malware in @t-in-one/prefill_credit_data_token

    Malware in @t-in-one/prefill_credit_data_token Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have

    npmCompromised package
  254. activecritical

    Malware in @t-in-one/prefill_transformers_data_token

    Malware in @t-in-one/prefill_transformers_data_token Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer ma

    npmCompromised package
  255. activecritical

    Malware in @cloudplatform-single-spa/business-solutions

    Malware in @cloudplatform-single-spa/business-solutions Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer

    npmCompromised package
  256. activecritical

    Malware in @t-in-one/restore_application_hid_from_storage

    Malware in @t-in-one/restore_application_hid_from_storage Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the comput

    npmCompromised package
  257. activecritical

    Malware in @cloudplatform-single-spa/dataplatform-trino

    Malware in @cloudplatform-single-spa/dataplatform-trino Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer

    npmCompromised package
  258. activecritical

    Malware in customerdigital-service-lib

    Malware in customerdigital-service-lib Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been gi

    npmCompromised package
  259. activecritical

    Malware in @cloudplatform-single-spa/arenadata-db

    Malware in @cloudplatform-single-spa/arenadata-db Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may h

    npmCompromised package
  260. activecritical

    Malware in midoss

    Malware in midoss Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside ent

    npmCompromised package
  261. activecritical

    Withdrawn Advisory: Malware in puppeteer

    Withdrawn Advisory: Malware in puppeteer ### Withdrawn Advisory This advisory has been withdrawn because the malicious package detection was a false positive. This link is maintained to preserve external references. ### Original Description Any computer that has this package installed or running should be considered fu

    npmCompromised package
  262. activecritical

    Malware in @t-in-one/add_app_middleware_token

    Malware in @t-in-one/add_app_middleware_token Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have

    npmCompromised package
  263. activecritical

    Malware in power-platform-playwright-toolkit

    Malware in power-platform-playwright-toolkit Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have b

    npmCompromised package
  264. activecritical

    Malware in @cloudplatform-single-spa/logaas

    Malware in @cloudplatform-single-spa/logaas Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have be

    npmCompromised package
  265. activecritical

    Malware in @cloudplatform-single-spa/administration

    Malware in @cloudplatform-single-spa/administration Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may

    npmCompromised package
  266. activecritical

    Malware in @cloudplatform-single-spa/cnapp-ui

    Malware in @cloudplatform-single-spa/cnapp-ui Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have

    npmCompromised package
  267. activecritical

    Malware in @cloudplatform-single-spa/cp-api-gw

    Malware in @cloudplatform-single-spa/cp-api-gw Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have

    npmCompromised package
  268. activecritical

    Malware in @cloudplatform-single-spa/dataplatform-metastore

    Malware in @cloudplatform-single-spa/dataplatform-metastore Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the comp

    npmCompromised package
  269. activecritical

    Malware in @cloudplatform-single-spa/employees

    Malware in @cloudplatform-single-spa/employees Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have

    npmCompromised package
  270. activecritical

    Malware in @cloudplatform-single-spa/ml-ai-agents-agent

    Malware in @cloudplatform-single-spa/ml-ai-agents-agent Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer

    npmCompromised package
  271. activecritical

    Malware in @cloudplatform-single-spa/svp-baas

    Malware in @cloudplatform-single-spa/svp-baas Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have

    npmCompromised package
  272. activecritical

    Malware in @cloudplatform-single-spa/cloud-dns

    Malware in @cloudplatform-single-spa/cloud-dns Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have

    npmCompromised package
  273. activecritical

    Malware in @cloudplatform-single-spa/marketplace-gigachat

    Malware in @cloudplatform-single-spa/marketplace-gigachat Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the comput

    npmCompromised package
  274. activecritical

    Malware in @cloudplatform-single-spa/svp-s3-storage

    Malware in @cloudplatform-single-spa/svp-s3-storage Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may

    npmCompromised package
  275. activecritical

    Malware in @t-in-one/add_application_service_token

    Malware in @t-in-one/add_application_service_token Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may

    npmCompromised package
  276. activecritical

    Malware in @t-in-one/add_application_tid

    Malware in @t-in-one/add_application_tid Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been

    npmCompromised package
  277. activecritical

    Malware in @t-in-one/send_add_application

    Malware in @t-in-one/send_add_application Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been

    npmCompromised package
  278. activecritical

    Malware in @t-in-one/safe_local_storage_token

    Malware in @t-in-one/safe_local_storage_token Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have

    npmCompromised package
  279. activecritical

    Malware in @sber-ecom-core/sberpay-widget

    Malware in @sber-ecom-core/sberpay-widget Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been

    npmCompromised package
  280. activecritical

    Malware in @capibar.chat/ui-kit

    Malware in @capibar.chat/ui-kit Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to

    npmCompromised package
  281. activecritical

    Malware in @t-in-one/get_application_hid

    Malware in @t-in-one/get_application_hid Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been

    npmCompromised package
  282. activecritical

    Malware in @t-in-one/only_difference_payload

    Malware in @t-in-one/only_difference_payload Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have b

    npmCompromised package
  283. activecritical

    Malware in @t-in-one/form_product_token

    Malware in @t-in-one/form_product_token Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been g

    npmCompromised package
  284. activecritical

    Malware in @t-in-one/application_id_storage_key_token

    Malware in @t-in-one/application_id_storage_key_token Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer m

    npmCompromised package
  285. activecritical

    Malware in @cloudplatform-single-spa/vpn

    Malware in @cloudplatform-single-spa/vpn Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been

    npmCompromised package