Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2025-004245
sonatype-2025-004245
Malicious Packages - Wed Oct 22 2025 [Dropper] [Lazarus]
Published Oct 22, 2025
https://help.sonatype.com/en/sonatype-malware-data.html
CVSS Score
High
8.7
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
alert-codestreamer
3.3.4
npm
async-queuelite
1.0.11
npm
bcrypt-js-edge
3.3.4
npm
bcryptjs-node
3.3.4
npm
bcryptjs-node-js
3.3.4
npm
bcryptjs-nodejs
3.3.4
npm
bootstrap-flexgrid
1.9.15
npm
bootstrap-setcolor
1.9.15
npm
bootstrap-setcolor
1.9.16
npm
bootstrap-setcolors
1.9.16
npm
bootstrap-setflexcolor
1.9.15
npm
chai-utils
8.9.8
npm
charswap
7.2.7
npm
chunk-logger
3.3.6
npm
cookie-logger
3.8.2
npm
cookie-loggers
8.9.8
npm
cookie-loggo
0.0.6
npm
cookie-loggo
0.1.6
npm
cookies-logger
8.9.8
npm
cors-validator
3.1.2
npm
display-notifications
3.3.4
npm
dotjsenv
1.1.7
npm
dotnetenv
1.1.7
npm
eslint-logger
8.9.8
npm
eslint-plugin-react-purify
3.1.7
npm
eslint-plugin-react-purify
3.1.8
npm
eslint-plugin-react-purify
3.1.9
npm
eslints-logger
8.9.8
npm
gatepass
3.3.4
npm
glowmotion
1.9.7
npm
gridmancer
2.7.4
npm
http-err-notification
5.4.12
npm
http-req-logger
5.4.12
npm
httpreslog
1.0.12
npm
husky-logger
3.3.2
npm
husky-logger
3.3.6
npm
husky-logger
3.3.9
npm
jnscript
3.1.7
npm
js-coauth
7.2.7
npm
js-copack
1.1.7
npm
js-copack
1.1.8
npm
js-copack
7.2.7
npm
js-cotype
4.1.4
npm
js-multer
5.1.7
npm
js-nodecat
1.0.7
npm
js-notifiers
3.3.4
npm
js-prettier
3.3.4
npm
js-prettier
3.3.5
npm
js-repack
5.1.0
npm
js-unpack
1.1.7
1-50 of 295
sonatype-2025-004245 | Components Impacted | Sonatype Guide | Sonatype Guide
