3446 matches found
MAL-2026-394 Malicious code in n8n-nodes-zl-vietts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2958734e09db17aba6589bb89622305f26fc83a16d475018b5ae88b694b9e4c The package n8n-nodes-zl-vietts was found to contain malicious code. Source: ghsa-malware...
CVE-2025-66803
Race condition in the turbo-frame element handler in Hotwired Turbo before 8.0.x causes logout operations to fail when delayed frame responses reapply session cookies after logout. This can be exploited by remote attackers via selective network delays e.g. delaying requests based on sequence or...
Malicious code in mised-discordjs-selfbot-v14 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ef4b873f610d33783310bfb03753678bb9d0d93412063a29521d960c64c2af2 The package mised-discordjs-selfbot-v14 was found to contain malicious code. Source: ghsa-malware...
MAL-2026-363 Malicious code in pl-global-ec-uikit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 327cc69fee3f2500a3cf23d3c917935d3d7db124d0b7f3c136fead2f1d69f093 The package pl-global-ec-uikit was found to contain malicious code. Source: ghsa-malware...
MAL-2026-366 Malicious code in testing-package-bose (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf9cef522b7a8b6ce59335bbac80dcc488adedcd397bbc6b1e12816b4c54d170 The package testing-package-bose was found to contain malicious code. Source: ghsa-malware...
MAL-2026-355 Malicious code in dux-portal-privacy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0778d9354ebf0d92914de85f6574e0a28cb68ad89214b500706673ac9f20c4a7 The package dux-portal-privacy was found to contain malicious code. Source: ghsa-malware...
CVE-2025-66803
Race condition in the turbo-frame element handler in Hotwired Turbo before 8.0.x causes logout operations to fail when delayed frame responses reapply session cookies after logout. This can be exploited by remote attackers via selective network delays e.g. delaying requests based on sequence or...
PT-2026-3642
Name of the Vulnerable Software and Affected Versions Hotwired Turbo versions prior to 8.0.0 Description A race condition exists in the turbo-frame element handler. This issue can cause logout operations to fail when delayed frame responses reapply session cookies after a user has logged out...
MAL-2026-337 Malicious code in chai-as-executed (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39509cc9cca91e97ff74a0dbb0eb902c89e3736a5b96e6412d9334c70b1c315f The package chai-as-executed was found to contain malicious code. Source: ghsa-malware 29af27b0f184fca142866657489c6ea7170b3774985d5293e7136f1ae4f623...
MAL-2026-321 Malicious code in flip-prx (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51518ff5a54220f9558ab04c5bad0ac14e14ee3aff6c92b54c1b727e1a90f4b7 The package flip-prx was found to contain malicious code. Source: ghsa-malware 7490a8c35552395560296cfd74b57dc93c222f1bc067d02a1c92d1ec180b7bfa Any...
Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Used for Online Fraud
Microsoft on Wednesday announced that it has taken a "coordinated legal action" in the U.S. and the U.K. to disrupt a cybercrime subscription service called RedVDS that has allegedly fueled millions in fraud losses. The effort, per the tech giant, is part of a broader law enforcement effort in...
MAL-2026-241 Malicious code in francium-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f204d22648cb65e36ba9d225f45edaac3240ad8b638e40aa87397ebd20bc9bde The package francium-ui was found to contain malicious code. Source: ghsa-malware 9d6cf557fe491bb7638bf2b12ca8587adf51f6f3f105002a08544b42b567ee7d An...
Malicious code in francium-web-visitors (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72629df67c0b81a1d120987aca534bd8096a0cbb2a9898a327a2dc2d1b8a0a49 The package francium-web-visitors was found to contain malicious code. Source: ghsa-malware...
Malicious code in extended-path (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1daed3089b5ef77daaeecaac9fe17f36363fd47d3dbe2814f5902c7ec3e61a74 The package extended-path was found to contain malicious code. Source: ghsa-malware 69c860714616f6ecc1c5b9d066780ece372fd1346ffce61438ecc12c9a98b30b...
MAL-2026-226 Malicious code in jz-test-npm (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5dccb2f385b35a284dc2d3d339b412bc06502f9bc200809e770c9cdb5c27f4b8 The package jz-test-npm was found to contain malicious code. Source: ghsa-malware f20c59d3291432193fd98670d2b128aa82a1fb34d872f5c6d6fc37089e9d0fb7 An...
Malicious code in jsdom-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 312dfde89b7b4606901cb1278d28d2a7876859e2bd23da752f8c5e4979b9fe8f The package jsdom-js was found to contain malicious code. Source: ghsa-malware c21558fc0a67b24e6df7eddf211f517317d151b885fd971b9fc38608046b733d Any...
Malicious code in auth-types (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec0897a10b33b937c04d8f134ccac05ecdfd6050bbfaffbb07cd3ade9256bd24 The package auth-types was found to contain malicious code. Source: ghsa-malware 1096a2a969c582b5029b85a0c4eb85eec4d53f96c178a1523abe0978392a139d Any...
Malicious code in rxjs-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a82756fe99cd57d9fc69d12a33d81146a6d0c78b3afa5926fa2531e1b3ced4eb The package rxjs-js was found to contain malicious code. Source: ghsa-malware b3538568871fe17ed55bb2e7a707cf1ca517f047348a754b2be9ec8798ab2997 Any...
Malicious code in yunxohang10 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5afa709f3be67acbb1d69b61e6897f6743d7feb8f9cb31e8b0109223c403858c The package yunxohang10 was found to contain malicious code. Source: ghsa-malware 5d4bc174ce0500df2bcfb0be9787d728083db08a933b9eb56bbe52e1cf37bfd1 An...
MAL-2026-171 Malicious code in amdocs-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8a6af3ffb67d97ff5a166cfa06c9dc841eab5d736ffbbdae5f3a693d7845be2 The package amdocs-core was found to contain malicious code. Source: ghsa-malware 19cbd66c5d36a7bcc61d3202596dea181a2782d867db3ea2cbb0e322f01b99db An...