9907 matches found
Malicious code in process-app-task (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e9459ef3208e8a07fbb99a80ce6bc5f0a6b9c6511da51241bac7c034632b7e1 The package process-app-task was found to contain malicious code. Source: ghsa-malware e03db779eee12801bb79b31d14cb5519f499b54a039c4428b125a23c26a652...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization in the Team API endpoints due to improper authorization checks in the TeamController process. An attacker can gain unauthorized access to modify any team's membership, customer assignments, project assignments, and...
Malicious code in model-poc-suhail (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0077cfbeca02c255952633606e9fc0c50ef11fe0e50a083f9ab632b6ee01569 The package model-poc-suhail was found to contain malicious code. Source: ossf-package-analysis...
EUVD-2026-25348
A vulnerability exists in SenseLive X3050’s web management interface due to improper session lifetime enforcement, allowing authenticated sessions to remain active for extended periods without requiring re-authentication. An attacker with access to a previously authenticated session could continu...
PT-2026-37123
Name of the Vulnerable Software and Affected Versions Kimai versions prior to 2.54.0 Description Team API endpoints in the TeamController.php file use the IsGranted'edit team' attribute instead of IsGranted'edit','team'. This causes the Symfony TeamVoter to abstain from voting, which removes...
kernel: Kernel: Privilege escalation or denial of service in nf_tables via inverted element activity check
A flaw was found in the Linux kernel's nftables component. A logic bug in nftmapcatchallactivate causes an inverted element activity check during the abort path of a failed transaction. This can lead to a use-after-free vulnerability, as catchall verdict elements may still reference a freed chain...
Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens
Cybersecurity researchers have flagged a fresh set of packages that have been compromised by bad actors to deliver a self-propagating worm that spreads through stolen developer npm tokens. The supply chain worm has been detected by both Socket and StepSecurity, with the companies tracking the...
MAL-2026-2984 Malicious code in @bmg-web/bmg-collapse (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fac63a733e9add336ae6a3fa8cf87b72abbe29bb1efeb397b54dd35f2875fcd The package @bmg-web/bmg-collapse was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2988 Malicious code in @bmg-web/bmg-grid (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3145866a6b18a164c2246b0a000b18412f9f8cc10f5c4192a2a8925d213bedb1 The package @bmg-web/bmg-grid was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2981 Malicious code in @bmg-web/bmg-button (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b59b2c3d1c98e7a5f4faae9549ed4f302c9273e1efeaee63e70f3013300327c2 The package @bmg-web/bmg-button was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @bmg-web/bmg-button (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b59b2c3d1c98e7a5f4faae9549ed4f302c9273e1efeaee63e70f3013300327c2 The package @bmg-web/bmg-button was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @bmg-web/bmg-ajax (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9d0060c1d5029ed1bcb3ed00c20e6a283a930b13d6e93072cebb3e97e45b78d The package @bmg-web/bmg-ajax was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2989 Malicious code in @bmg-web-features/bmg-user-interaction-tracker (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60a8d06e34bceb11580d97e9e5b024221925eb7302ad803fcf48c22672995036 The package @bmg-web-features/bmg-user-interaction-tracker was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @bmg-web/bmg-external-link (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6373b00808251dd64521cfb1864a0bf382c5df23e976984dea8dbebf925bbb63 The package @bmg-web/bmg-external-link was found to contain malicious code. Source: ossf-package-analysis...
TL-RL-FusionNet: An Adaptive and Efficient Reinforcement Learning-Driven Transfer Learning Framework for Detecting Evolving Ransomware Threats
Modern ransomware exhibits polymorphic and evasive behaviors by frequently modifying execution patterns to evade detection. This dynamic nature disrupts feature spaces and limits the effectiveness of static or predefined models. To address this challenge, we propose TL-RL-FusionNet, a reinforceme...
MAL-2026-2967 Malicious code in 6161test1234 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 074806dcf23de8a6066ce2cbbcc5f711ca552db945714be52cd8d3a7e1415af4 The package 6161test1234 was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2954 Malicious code in bmg-web-features (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95e385a0f1c1bcc075d39332c519b28aebc80cd8474cbc78baff5ce19661b85f The package bmg-web-features was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in bmg-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26777925b4f8e199b125a969ad8c6f4e0ff672b87613b22ce2b67fe461ba218e The package bmg-web was found to contain malicious code. Source: ossf-package-analysis 27618387221affefb03509d50b0545c22b6d18574bc71aa6f218350ca5f152...
MAL-2026-2955 Malicious code in megabank-worklist (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51f0a379223d486978f097d6f97b1d3a1fd307bb725be56c7baa2bc8ff72d297 The package megabank-worklist was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2951 Malicious code in hifromhere1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82931dc7313b2b9b93b8664655cbe445702e0fdcf1cc7e587b27758d2ef9cda1 The package hifromhere1 was found to contain malicious code. Source: ossf-package-analysis...