7649 matches found

OSSF Malicious Packages
added 2022/08/19 3:55 a.m. | 4 views

Malicious code in rchive-type (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 46bcff2ccf671339cf65674ae082d163bd033ef8b52b3c605c74834fb6d5f441 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 6.9
Exploits: 0 | References: 1

OSSF Malicious Packages
added 2022/08/19 3:55 a.m. | 3 views

Malicious code in underscoer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e2f4d85189d50ff681d5261ce1e6cbbd5ee174ff70cad7b6cd47ccbf22e4b41c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 6.9
Exploits: 0 | References: 1

Snyk
added 2022/08/15 1:54 p.m. | 1 view

Malicious Package

Overview: plutos is a malicious package. This is one of 12 malicious packages created by the same actor and discovered by Snyk. It downloads and executes malicious exe files containing malicious code that attempts to steal information from Google Chrome, tokens from Discord, and injects a Discord...

CVSS: 9.8 | AI score: 7
Exploits: 0 | References: 2

Hacker One
added 2022/08/14 10:27 a.m. | 14 views

Brave Software: Persistent user tracking is possible using window.caches, by avoiding Brave Shields

A vulnerability was discovered in Brave for iOS version 1.41.1 that allowed for persistent user tracking using window.caches, even when Brave Shields were enabled to block cookies. This could potentially allow for user tracking without their consent or knowledge...

AI score: 6.8
Exploits: 0

The Hacker News
added 2022/08/12 8:2 p.m. | 202 views

Researchers Uncover UEFI Secure Boot Bypass in 3 Microsoft Signed Boot Loaders

A security feature bypass vulnerability has been uncovered in three signed third-party Unified Extensible Firmware Interface (UEFI) boot loaders that allow bypass of the UEFI Secure Boot feature. "These vulnerabilities can be exploited by mounting the EFI System Partition and replacing the existing...

AI score: 7.7 | EPSS: 0.01046
Exploits: 0

NVD
added 2022/08/01 5:15 p.m. | 16 views

CVE-2022-31148

Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting (XSS) vulnerability exists in the customer module. Users are recommended to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via th...

CVSS: 5.4 | EPSS: 0.00517
Exploits: 0 | References: 3

Prion
added 2022/08/01 5:15 p.m. | 10 views

Cross site scripting

Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting (XSS) vulnerability exists in the customer module. Users are recommended to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via th...

CVSS: 4.9 | AI score: 5.2 | EPSS: 0.00517
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2022/08/01 5:10 p.m. | 1 view

CVE-2022-31148 Persistent cross site scripting in customer module in Shopware

Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting (XSS) vulnerability exists in the customer module. Users are recommended to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via th...

CVSS: 5.4 | AI score: 6 | EPSS: 0.00517
Exploits: 0 | References: 5

OSV
added 2022/07/27 10:6 p.m. | 18 views

GHSA-5834-XV5Q-CGFW Shopware vulnerable to persistent cross site scripting (XSS) in customer module

Impact: Persistent XSS in customer module. Patches: We recommend updating to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via the download overview. For older versions you can use the Security Plugin:...

CVSS: 5.4 | AI score: 5.2 | EPSS: 0.00517
Exploits: 0 | References: 6

Malwarebytes
added 2022/07/27 1:58 p.m. | 32147 views

IIS extensions are on the rise as backdoors to servers

The Microsoft 365 Defender Research Team has warned that attackers are increasingly leveraging Internet Information Services (IIS) extensions as covert backdoors into servers. IIS extensions are able to stay hidden in target environments and as such provide a long-term persistence mechanism for...

CVSS: 10 | EPSS: 0.99999
Exploits: 18

The Hacker News
added 2022/07/27 7:17 a.m. | 41 views

Malicious IIS Extensions Gaining Popularity Among Cyber Criminals for Persistent Access

Threat actors are increasingly abusing Internet Information Services (IIS) extensions to backdoor servers as a means of establishing a "durable persistence mechanism." That's according to a new warning from the Microsoft 365 Defender Research Team, which said that "IIS backdoors are also harder to...

AI score: 0.3
Exploits: 0

Microsoft Secure
added 2022/07/26 5:0 p.m. | 26 views

Malicious IIS extensions quietly open persistent backdoors into servers

Attackers are increasingly leveraging Internet Information Services (IIS) extensions as covert backdoors into servers, which hide deep in target environments and provide a durable persistence mechanism for attackers. While prior research has been published on specific incidents and variants, little...

AI score: 0.6
Exploits: 0

OSSF Malicious Packages
added 2022/07/26 1:40 p.m. | 3 views

Malicious code in melar-dev-site (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7e6525cad3c4d1bf0fc67eb122a33e6498564f679ce593c6392b9fb0d24500fd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 6.9
Exploits: 0 | References: 1

OSSF Malicious Packages
added 2022/07/25 2:20 p.m. | 4 views

Malicious code in uniswap.org (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df9e81c2cfb7449079ce04d2d397b16d6610f7a1d6316d8632fab2f5a979b1fc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 6.9
Exploits: 0 | References: 1

Cvelist
added 2022/07/22 4:49 p.m. | 16 views

CVE-2022-34853 WordPress Team plugin <= 1.2.6 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated (contributor or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress...

CVSS: 4.1 | AI score: 5.7 | EPSS: 0.00457
Exploits: 0 | References: 2

Vulnrichment
added 2022/07/22 4:49 p.m. | 8 views

CVE-2022-34853 WordPress Team plugin <= 1.2.6 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated (contributor or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress...

CVSS: 4.1 | AI score: 4.8 | EPSS: 0.00457
Exploits: 0 | References: 2

OSSF Malicious Packages
added 2022/07/22 10:24 a.m. | 4 views

Malicious code in ac-appleicons (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware baf613b66d7094169fa0d14cd705926374c2398ce352b5c56ddc7745eb78cc53 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 6.9
Exploits: 0 | References: 1

CNNVD
added 2022/07/22 12:0 a.m. | 3 views

WordPress plugin wpWax Team cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

CVSS: 5.4 | AI score: 5.4 | EPSS: 0.00457
Exploits: 0 | References: 4

The Hacker News
added 2022/07/21 12:2 p.m. | 83 views

Hackers Target Ukrainian Software Company Using GoMet Backdoor

A large software development company whose software is used by different state entities in Ukraine was at the receiving end of an "uncommon" piece of malware, new research has found. The malware, first observed on the morning of May 19, 2022, is a custom variant of the open source backdoor known ...

CVSS: 10 | AI score: 1.5 | EPSS: 0.99999
Exploits: 68

OSSF Malicious Packages
added 2022/07/21 11:0 a.m. | 5 views

Malicious code in list-images (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware edf3b4ffccf50da436b9f927419f8d777691cbc30ad3918981b083e2e56b3bf5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 6.9
Exploits: 0 | References: 1