VYPR

npm · Malicious package advisory

Malware

winston-middleware

MAL-2026-7440

Malicious code in winston-middleware (npm)

Details


---
_-= Per source details. Do not edit below this line.=-_

Compromised versions (39)

  • 0.1.0
  • 0.1.1
  • 0.1.2
  • 0.1.3
  • 0.2.0
  • 0.2.1
  • 0.2.2
  • 0.2.3
  • 0.2.4
  • 0.3.1
  • 1.0.0
  • 1.1.0
  • 1.2.0
  • 1.3.0
  • 1.3.1
  • 1.4.0
  • 2.0.0
  • 3.0.0
  • 3.0.1
  • 4.0.0
  • 4.0.1
  • 4.0.2
  • 4.0.3
  • 4.0.4
  • 4.1.0
  • 4.2.0
  • 4.3.0
  • 4.3.1
  • 4.3.2
  • 4.3.3
  • 4.3.4
  • 4.3.5
  • 4.3.6
  • 4.3.7
  • 4.3.8
  • 4.4.0
  • 4.5.0
  • 4.5.3
  • 4.6.0

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.