15873 matches found
MAL-2026-2411 Malicious code in @wame/ngx-adfs (npm)
Malicious package due to hex obfuscation, dynamic module loading, process access, suspicious install script, and untrustworthy project. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee67ae68f066d11c3e0625e260c588df3d43384ae91fe74292977ea5304684d9 The package...
Malicious code in @wame/ngx-adfs (npm)
Malicious package due to hex obfuscation, dynamic module loading, process access, suspicious install script, and untrustworthy project. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee67ae68f066d11c3e0625e260c588df3d43384ae91fe74292977ea5304684d9 The package...
MAL-2026-2417 Malicious code in oc-navbar-module-client (npm)
Malicious package due to code obfuscation, dynamic code execution, suspicious email, install script, and low project popularity. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec0eedd88f7d05d96544d4fc778561471c0490c16f2fe2c6e8c70428af92e6ad The package...
Malicious code in oc-navbar-module-client (npm)
Malicious package due to code obfuscation, dynamic code execution, suspicious email, install script, and low project popularity. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec0eedd88f7d05d96544d4fc778561471c0490c16f2fe2c6e8c70428af92e6ad The package...
Malicious code in oc-ccp-module-client (npm)
Malware due to hex obfuscation, suspicious install script, dynamic module loading, OS command access, process object access, and untrustworthy project. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2b4b9cee1369c441aa8d759bc04085a8e2b14786df20656a8c6bc249e6260...
MAL-2026-2416 Malicious code in oc-ccp-module-client (npm)
Malware due to hex obfuscation, suspicious install script, dynamic module loading, OS command access, process object access, and untrustworthy project. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2b4b9cee1369c441aa8d759bc04085a8e2b14786df20656a8c6bc249e6260...
MAL-2026-2415 Malicious code in oc-aa-module-client (npm)
Multiple pieces of evidence suggest malicious intent: hex obfuscation, dynamic code execution, suspicious email, and install script executing index.js. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ff9a96329ad67bbc8f97ec7686f7f6a8f1b94bb76be3f8f48671cafde13fc...
Malicious code in oc-aa-module-client (npm)
Multiple pieces of evidence suggest malicious intent: hex obfuscation, dynamic code execution, suspicious email, and install script executing index.js. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ff9a96329ad67bbc8f97ec7686f7f6a8f1b94bb76be3f8f48671cafde13fc...
Malicious code in @ceeferenderer/itg-renderer-sdk (npm)
Malicious package due to code obfuscation, dynamic module loading, process exposure, suspicious install script, and untrustworthy author email. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51b9fa22264e38705c3a7ba319515ee66036e72ab14c32d08b01a5695aa191b8 This...
MAL-2026-2407 Malicious code in @ceeferenderer/itg-renderer-sdk (npm)
Malicious package due to code obfuscation, dynamic module loading, process exposure, suspicious install script, and untrustworthy author email. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51b9fa22264e38705c3a7ba319515ee66036e72ab14c32d08b01a5695aa191b8 This...
Malicious code in @ceeferenderer/fe-renderer-sdk (npm)
Multiple evidences suggest malicious intent: code obfuscation, dynamic code execution, process access, install script, and suspicious email. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector feee20bafab758bb648bbe425a100a13e6d21799552a2b5566fe6029faef6ce4 Package...
MAL-2026-2406 Malicious code in @ceeferenderer/fe-renderer-sdk (npm)
Multiple evidences suggest malicious intent: code obfuscation, dynamic code execution, process access, install script, and suspicious email. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector feee20bafab758bb648bbe425a100a13e6d21799552a2b5566fe6029faef6ce4 Package...
Malicious code in cclr-component-resources (npm)
Multiple evidences suggest this package is a malware: code obfuscation, dynamic code execution, suspicious domain, and unusual install script. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61af3265fce06cfbb9bbf20e38d468e136487f69c41f70b0bbb1b331535bdf82 The...
MAL-2026-2413 Malicious code in cclr-component-resources (npm)
Multiple evidences suggest this package is a malware: code obfuscation, dynamic code execution, suspicious domain, and unusual install script. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61af3265fce06cfbb9bbf20e38d468e136487f69c41f70b0bbb1b331535bdf82 The...
The March Madness scam playbook
March Madness is the annual men's and women's NCAA Division I basketball tournament, where 68 teams play in a single-elimination bracket for the US national championship. But March Madness doesn’t just bring buzzer beaters and busted brackets. It also kicks off a short, intense season for scammer...
📄 Starlink DNS Rebinding
This Metasploit auxiliary module implements a DNS rebinding attack targeting Starlink infrastructure CVE-2023-52235. The module operates by running a malicious DNS server that dynamically switches responses from a public IP to internal network targets, enabling access to internal services. It als...
Auditing MCP Servers for Over-Privileged Tool Capabilities
The Model Context Protocol MCP has emerged as a standard for connecting Large Language Models LLMs to external tools and data. However, MCP servers often expose privileged capabilities, such as file system access, network requests, and command execution that can be exploited if not properly...
PT-2026-27008
Name of the Vulnerable Software and Affected Versions Flos Freeware Notepad2 version 4.2.25 Description A weakness exists in Flos Freeware Notepad2 4.2.25, impacting an unknown function within the TextShaping.dll library. Exploitation involves a manipulation that can lead to an uncontrolled searc...
CVE-2026-33156
ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll . When the portable executable is run from a user-writable directory, it loads version.dll from the application directory instead of the Windows System32...
EUVD-2026-13793
ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll . When the portable executable is run from a user-writable directory, it loads version.dll from the application directory instead of the Windows System32...