MAL-2026-2910 Malicious code in tailwindthml-flips (npm)

tailwindthml-flips is a malicious npm package that when imported downloads a C2 dropper part of PolinRider campaign from crypto transactions and executes it. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Malicious Package Injection

DuckDB is vulnerable to malicious package injection. The vulnerability is due to unauthorized access and compromise of the npm package publishing process, which allowed an attacker to upload malicious versions of DuckDB’s Node.js packages containing code that interfered with cryptocurrency...

Backslash 安全漏洞

Backslash is a tool for parsing backslash strings by the individual developer Josh Junon. A security vulnerability exists in Backslash version 0.2.1, which stems from a malware payload that could lead to the redirection of cryptocurrency transactions...

Color-String 安全漏洞

Color-String is a library for parsing and generating CSS color strings by the individual developer Josh Junon. A security vulnerability exists in Color-String version 2.1.1, which stems from malware payload injection and could lead to the redirection of cryptocurrency transactions in a browser...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code activates a hook whenever a Web3 wallet is present...

Illicit HuiOne Telegram Market Surpasses Hydra, Hits $24 Billion in Crypto Transactions

The Telegram-based online marketplace known as HuiOne Guarantee and its vendors have cumulatively received at least $24 billion in cryptocurrency, dwarfing the now-defunct Hydra to become the largest online illicit marketplace to have ever operated. The figures, released by blockchain analytics...

New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection

New variants of a banking malware called Grandoreiro have been found to adopt new tactics in an effort to bypass anti-fraud measures, indicating that the malicious software is continuing to be actively developed despite law enforcement efforts to crack down on the operation. "Only part of this ga...

Python Developers Beware: Clipper Malware Found in 450+ PyPI Packages!

Malicious actors have published more than 451 unique Python packages on the official Python Package Index PyPI repository in an attempt to infect developer systems with clipper malware. Software supply chain security company Phylum, which spotted the libraries, said the ongoing activity is a...

Top Illicit Carding Marketplace UniCC Abruptly Shuts Down

A top underground market for buying and selling stolen credit-card details, UniCC, has announced it’s shutting down operations. The site accounted for about 30 percent of carding scam business and, since it was launched in 2013, handled about $358 million in cryptocurrency transactions, according...

New Anti Anti-Money Laundering Services for Crooks

A new dark web service is marketing to cybercriminals who are curious to see how their various cryptocurrency holdings and transactions may be linked to known criminal activity. Dubbed "Antinalysis," the service purports to offer a glimpse into how ones payment activity might be flagged by law...

GHSA-7XF6-CPXM-5MX9 Malicious Package in bufner-xor

Version 2.0.2 contained malicious code. The package targeted the Ethereum cryptocurrency and performed transactions to wallets not controlled by the user. Recommendation Remove the package from your environment. Ensure no Ethereum funds were compromised...