220 matches found
Malicious code in @crowdstrike/logscale-parser-edit (npm)
Suspicious postinstall script executing bundle.js and bundle.js contains excessive unsigned bitwise math, indicating potential malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ff5e2fca0afc744f9b2cec20ddf740574c42864336447119ed7715555896bde9 Any computer that...
MAL-2025-47218 Malicious code in @crowdstrike/logscale-parser-edit (npm)
Suspicious postinstall script executing bundle.js and bundle.js contains excessive unsigned bitwise math, indicating potential malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ff5e2fca0afc744f9b2cec20ddf740574c42864336447119ed7715555896bde9 Any computer that...
MAL-2025-47217 Malicious code in @crowdstrike/logscale-file-editor (npm)
Suspicious postinstall script executing bundle.js and YARA rule match for excessive bitwise math indicate likely malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1c0f2b92ed507c0c5be3665db16bf307e19440b594539d07854669c027545b6c Any computer that ha...
Malicious code in @crowdstrike/logscale-file-editor (npm)
Suspicious postinstall script executing bundle.js and YARA rule match for excessive bitwise math indicate likely malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1c0f2b92ed507c0c5be3665db16bf307e19440b594539d07854669c027545b6c Any computer that ha...
MAL-2025-47216 Malicious code in @crowdstrike/logscale-dashboard (npm)
Suspicious postinstall script executing bundle.js and unsignedbitwisemathexcess YARA rule match indicate malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9f7539ca83a2878a7b5b892aaa154843f462994bef40d9d14698dd04a2f0ffee Any computer that has this...
Malicious code in @crowdstrike/glide-core (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6c50fb4842e12feb703463f76e42b30788a613940789be0e353b396b7de4cba8 Any computer that has this package installed or running should be considered fully compromised. All...
MAL-2025-47235 Malicious code in @crowdstrike/glide-core (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6c50fb4842e12feb703463f76e42b30788a613940789be0e353b396b7de4cba8 Any computer that has this package installed or running should be considered fully compromised. All...
Malicious code in @crowdstrike/foundry-js (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b692cc7f6e5464ffd853e3847c9818751b07e7730ef96f968e01aea83827605f Any computer that has this package installed or running should be considered fully compromised. All...
MAL-2025-47234 Malicious code in @crowdstrike/foundry-js (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b692cc7f6e5464ffd853e3847c9818751b07e7730ef96f968e01aea83827605f Any computer that has this package installed or running should be considered fully compromised. All...
MAL-2025-47215 Malicious code in @crowdstrike/falcon-shoelace (npm)
postinstall script executes bundle.js. bundle.js triggers unsignedbitwisemathexcess YARA rule. Suspicious behavior indicates malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 035c35169c1f3c6c939e3237ce0bb606645b05601db61892b5d54cbeea095b57 Any computer that h...
MAL-2025-47233 Malicious code in @crowdstrike/commitlint (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e58c63ca78f39890835120723ac0ab398dbaddb3018f3b640145685ab38cdd93 Any computer that has this package installed or running should be considered fully compromised. All...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
@crowdstrike/ember-toucan-core (>=0.3.0 <=0.4.6), @frontile/buttons (=0.18.0-alpha.5) +13 more potentially affected by unknown CVE via ember-velcro (=2.2.0)
ember-velcro NPM version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on ember-velcro and may be impacted: - @crowdstrike/ember-toucan-core =0.3.0, =0.17.0-alpha.0, =0.17.0, =0.17.0, =0.17.0, =9.4.0, =8.3.0, =0.1.0, =0.0.4, =0.17.0, =0.0.4, =0.0...
eslint-config-crowdstrike-node (=4.0.0-beta.2) potentially affected by unknown CVE via eslint-config-crowdstrike (=11.0.0-beta.0)
eslint-config-crowdstrike NPM version =11.0.0-beta.0 is affected by a known vulnerability. The following packages have a transitive dependency on eslint-config-crowdstrike and may be impacted: - eslint-config-crowdstrike-node =4.0.0-beta.2 Source cves: unknown CVE Source advisory:...
@crowdstrike/ember-oss-docs (>=1.0.1 <=1.1.8) potentially affected by unknown CVE via ember-url-hash-polyfill (=1.0.11)
ember-url-hash-polyfill NPM version =1.0.11 is affected by a known vulnerability. The following packages have a transitive dependency on ember-url-hash-polyfill and may be impacted: - @crowdstrike/ember-oss-docs =1.0.1, =1.1.8 Source cves: unknown CVE Source advisory:...
@crowdstrike/ember-toucan-styles (=3.0.1) potentially affected by unknown CVE via ember-browser-services (=5.0.1)
ember-browser-services NPM version =5.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on ember-browser-services and may be impacted: - @crowdstrike/ember-toucan-styles =3.0.1 Source cves: unknown CVE Source advisory: SNYK:JS-EMBERBROWSERSERVICES-12744...