The malicious code signature(s) has been found in resources:
I have magento 2.2.3 installed. I seen a few others have made post similar in some of my other searches but none have stated if its a glitch or what is causing the issue.
I have the exact same issues for two sites I set up to be scanned..
I've verified that there really isn't a real infection and the reports are false positives.
I tried to contact Magento regarding this at the email address provided and got this bounce:
|Your message to the Office 365 group firstname.lastname@example.org couldn't be delivered.|
|The group securityscan isn't set up to receive messages from|
I've had to disable the scans for now because they cant be trusted.
Would be nice to be able to flag something as a false positive or report it in a better way than on the forums..
Confirming exact same issue here, only seems to happen with minified js
Seems to be a false positive, but no idea how to report this , or even if Magento are interested ?
Just tacking on another instance of this is happening to me. I have other security scanners running that say nothing of this issue. I have also downloaded mwscan.txt and grepped as instructed in the current verion of magento-malware-scanner (https://github.com/gwillem/magento-malware-scanner/blob/master/docs/usage.md) without finding any issues. As such, this is probably a false positive, but would be great for Magento to confirm and correct the test case.