325 matches found
Malicious code in levex-press (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f33c109f544ebe960d2fe2880abba71a8abbbcfc1b8042ca5c5d5d9e6ac6b557 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in workspace-config-loader (npm)
Ten packages published by npm user asdxzxc at version 1.0.10 target developers working on AI and LLM tooling. Each package masquerades as a developer utility while executing a two-stage payload triggered via postinstall: package.json → lib/setup.js → lib/worker.js. Credential harvesting:...
MAL-2026-4234 Malicious code in compliance-check-runner (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09baf2402c56bbf2219f28a1113df9b623522a17b3a199cf9a6d58f8cbb0b68a On npm install, the package's postinstall hook runs npx env-security-scanner@latest auditenvironment via childprocess.execSync, fetching and executin...
Malicious code in @doctolib-apps/native-personalized-services (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ac2da4b8de2ea081f8fe7b84ef6182ab363616dc0515aaa03368bcba4a4b8e76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @squawk/airways (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a54989a6191f1d94771608b8f3552bda56715631b5a25aa301da35cd1ccd869b The package @squawk/airways was found to contain malicious code. Source: ghsa-malware d2d4644fde6979be241ba839c52ea3532ef3b0b25355b239ade4e1dafd9e272...
MCP Registry has open redirect via protocol-relative path in trailing-slash middleware
Summary The TrailingSlashMiddleware in internal/api/server.go is vulnerable to an open redirect attack. An attacker can craft a URL with a protocol-relative path e.g., //evil.com/ that, after trailing slash removal, results in a Location header of //evil.com — which browsers interpret as an...
MAL-2026-3340 Malicious code in trevlo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3414c71889d8ebf7ad09c9b0bf9ab63f8f6589e1e030e35e40a971b767f51ad1 The package trevlo was found to contain malicious code. Source: ghsa-malware 01d7778a4b391062b3f0b2200861fde5a0b4c750eb4ebab90d36940142ae9293 Any...
Malicious code in @google-pay-trust/start (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16feef8620dbb1f3b6c7c6c67f9f7883438f368a3bfd2c2c591d7f30467e67c4 The package @google-pay-trust/start was found to contain malicious code. Source: ghsa-malware...
Astra Linux - уязвимость в firefox
If a user saved a response from the Network tab in Devtools using the “Save As” context menu option, the file might not have been saved with the .download file extension. This could have allowed the user to run a malicious executable inadvertently. This vulnerability has been fixed in Firefox 140...
CVE-2026-42248 Missing Signature Verification for Updates in Ollama
Ollama for Windows does not perform integrity or authenticity verification of downloaded update executables. Unlike other platforms, the Windows implementation of the update verification routine unconditionally returns success so no digital signature or trust validation is performed before stagin...
MAL-2026-2659 Malicious code in ui-utils-udhay-alerts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed8bd73e0d75fbda0ce08b97273d9ed56f21e9bc0967b05541013a944c85f3c0 The package ui-utils-udhay-alerts was found to contain malicious code. Source: ghsa-malware...
Malicious code in @aircall-ecosystem/integrations-msteams-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4343cd15bb1d3104166b2ddf4f549bc184fde49233b5cfba97f353f00a8c2a2e The package @aircall-ecosystem/integrations-msteams-frontend was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2604 Malicious code in ih-icon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29e7f19afb6ffd57012c61c6bef2ce8ad4238f192cac0679e216684a37ec672e The package ih-icon was found to contain malicious code. Source: ghsa-malware c7182707ae8272b3af4376c3dfec66a3b574b8c86217bf3b7c705d94dfb84b63 Any...
MAL-2026-2326 Malicious code in raydium-bs58 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 866a59b63d949dfe36c6082c9daa6fddcb18993724e9980c245a49ff59944fee The package raydium-bs58 was found to contain malicious code. Source: ghsa-malware b6ba968c5cb1e12fc81fc5ed1694c2221b6ac0299199508b80100927801f07f3 A...
MAL-2026-2322 Malicious code in bs58-basic (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56502a3bb31374f7cf0d79d8abc98ccac595ca94fe2b9720daeeb9217901c9e0 The package bs58-basic was found to contain malicious code. Source: ghsa-malware 5101b36fd690268aa870c7d458d29e404540f3d3cc29dd19404137ca9f618f56 Any...
Malicious code in raydium-bs58 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 866a59b63d949dfe36c6082c9daa6fddcb18993724e9980c245a49ff59944fee The package raydium-bs58 was found to contain malicious code. Source: ghsa-malware b6ba968c5cb1e12fc81fc5ed1694c2221b6ac0299199508b80100927801f07f3 A...
Malicious code in base-or-engine (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2deff4ab9db147fda78b79b3687e76c9d46381670c58924f03f852518002a649 The package base-or-engine was found to contain malicious code. Source: ghsa-malware d6d4b7d60db50af8f8a9614f9ac0a742cf6472998e11e6233c6190b518332958...
Apple’s Camera Indicator Lights
A thoughtful review of Apple's system to alert users that the camera is on. It's really well-designed, and important in a world where malware could surreptitiously start recording. The reason it's tempting to think that a dedicated camera indicator light is more secure than an on-display indicato...
MAL-2026-2250 Malicious code in test1sharp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 870c745216e287e72f189910e8bd7369f6d6aedbabf85077bfe170b2d1e1de12 The package test1sharp was found to contain malicious code. Source: ghsa-malware c18dd124c0c097c8c6e277f7fd86c791a6d988ecb5545f5811c669e6c1269a95 Any...
CVE-2026-0230
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on macOS allows a local administrator to disable the agent. This issue could be leveraged by malware to perform malicious activity without detection...