296 matches found
CVE-2025-68619 Signal K Server Vulnerable to Remote Code Execution via Malicious npm Package
Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.19.0 of the appstore interface allow administrators to install npm packages through a REST API endpoint. While the endpoint validates that the package name exists in the npm registry as a known plugi...
EUVD-2016-5951
Malware in sbrugna...
EUVD-2024-54508
Malicious code in bioql PyPI...
EUVD-2025-27127
Malicious code in bioql PyPI...
EUVD-2025-5907
Malicious code in bioql PyPI...
Malicious code in @yoobic/jpeg-camera-es6 (npm)
Suspicious postinstall script executing bundle.js and the presence of unsignedbitwisemathexcess YARA rule match indicates malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38de35c3ae3f0f156a77b94484f3774c14c293d3e37531ec74c8277fde1ad5c7 Any computer that has...
MAL-2025-47225 Malicious code in @yoobic/jpeg-camera-es6 (npm)
Suspicious postinstall script executing bundle.js and the presence of unsignedbitwisemathexcess YARA rule match indicates malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38de35c3ae3f0f156a77b94484f3774c14c293d3e37531ec74c8277fde1ad5c7 Any computer that has...
MAL-2025-47230 Malicious code in yoo-styles (npm)
Suspicious postinstall script executing bundle.js and YARA rule unsignedbitwisemathexcess match strongly suggests malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9b064ef82c07e5538a3269d44de4c6750b224f665f808a5099715143c8be21e4 Any computer that h...
Malicious code in @operato/styles (npm)
Suspicious postinstall script executing bundle.js and unsignedbitwisemathexcess YARA rule match indicates malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f85f761f5ad599532a97a4c4c64bea4910004e56178cd4081fefb3b113ed8d6d Any computer that has this...
MAL-2025-47220 Malicious code in @operato/styles (npm)
Suspicious postinstall script executing bundle.js and unsignedbitwisemathexcess YARA rule match indicates malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f85f761f5ad599532a97a4c4c64bea4910004e56178cd4081fefb3b113ed8d6d Any computer that has this...
Malicious code in @things-factory/integration-marketplace (npm)
Suspicious postinstall script executing bundle.js and YARA rule match on bundle.js suggests malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 707cb5e2a466e8a099c5ffaaf71fd576d658e67702737dd3dfef8dc62127aa8f Any computer that has this package...
MAL-2025-47224 Malicious code in @things-factory/integration-marketplace (npm)
Suspicious postinstall script executing bundle.js and YARA rule match on bundle.js suggests malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 707cb5e2a466e8a099c5ffaaf71fd576d658e67702737dd3dfef8dc62127aa8f Any computer that has this package...
MAL-2025-47229 Malicious code in tbssnch (npm)
Package is likely malware. Suspicious postinstall script executes a file with excessive unsigned bitwise math, indicating potential malicious intent. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3a3d97140873f47a4a2f00551bfb18c9257dcbfa870e93cfaa642c2e8a4bbb00 Any...
Malicious code in tbssnch (npm)
Package is likely malware. Suspicious postinstall script executes a file with excessive unsigned bitwise math, indicating potential malicious intent. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3a3d97140873f47a4a2f00551bfb18c9257dcbfa870e93cfaa642c2e8a4bbb00 Any...
Malicious code in @operato/headroom (npm)
Suspicious postinstall script executing bundle.js and YARA rule match unsignedbitwisemathexcess indicate malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 71e970ada08943ee1043ac40c48714a5f5c29ae9c3c5d925c6dbfff9bcc47719 Any computer that has this...
MAL-2025-47222 Malicious code in @things-factory/env (npm)
Suspicious postinstall script executing bundle.js and YARA rule match on bundle.js indicate potential malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 88b8463d9fb16ac5faed1cd122997c683cc79534786bcf816139cefc13897168 Any computer that has this...
MAL-2025-47228 Malicious code in remark-preset-lint-crowdstrike (npm)
Suspicious postinstall script executes a file with excessive bitwise math. Likely malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 165b629be2876c01b20135bbf391a92b4ae66e6645b8f390bcbb5373f8d43c5b Any computer that has this package installed or running should...
Malicious code in remark-preset-lint-crowdstrike (npm)
Suspicious postinstall script executes a file with excessive bitwise math. Likely malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 165b629be2876c01b20135bbf391a92b4ae66e6645b8f390bcbb5373f8d43c5b Any computer that has this package installed or running should...
Malicious code in eslint-config-crowdstrike (npm)
Suspicious postinstall script executing bundle.js combined with unsignedbitwisemathexcess YARA rule match indicates potential malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d5700b3786b16cd76be2c86bc19af1fd76ac0dbfa6bb16f29e3837fc94598b75 Any computer that...
MAL-2025-47226 Malicious code in eslint-config-crowdstrike (npm)
Suspicious postinstall script executing bundle.js combined with unsignedbitwisemathexcess YARA rule match indicates potential malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d5700b3786b16cd76be2c86bc19af1fd76ac0dbfa6bb16f29e3837fc94598b75 Any computer that...