16 matches found
Malware Injection
prebid-universal-creative is vulnerable to malware injection. The vulnerability is due to the inclusion of crypto-related malicious code and the latest release, which allows an attacker to execute unauthorized cryptocurrency-related operations on affected systems...
EUVD-2025-27597
Malicious code in bioql PyPI...
CVE-2025-59039
Prebid Universal Creative PUC is a JavaScript API to render multiple formats. Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware. This includes the extremely popular jsdelivr hosting of this file. The maintainers of PUC unpublished version 1.17.3. Users should s...
Embedded Malicious Code
Overview prebid-universal-creative is a javascript api to render multiple formats. This file is inserted into the prebid creative as a placeholder for the winning prebid creative. Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious...
Prebid-universal-creative latest on npm briefly compromised
Impact Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware detailed in the blog post below. This includes the extremely popular jsdelivr hosting of this file. Patches We unpublished the version on npm. Workarounds This has already been unpublished. See Prebid.js ...
GHSA-M662-56RJ-8FMM Prebid-universal-creative latest on npm briefly compromised
Impact Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware detailed in the blog post below. This includes the extremely popular jsdelivr hosting of this file. Patches We unpublished the version on npm. Workarounds This has already been unpublished. See Prebid.js ...
Malicious code in prebid-universal-creative (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 28a458913f2a945444606a3dd030b993b23a6388274a01a2ecdea26478e1b1d9 This package was compromised and malicious code added as part of a phishing campaign...
MAL-2025-47027 Malicious code in prebid-universal-creative (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 28a458913f2a945444606a3dd030b993b23a6388274a01a2ecdea26478e1b1d9 This package was compromised and malicious code added as part of a phishing campaign...
CVE-2025-59039
Prebid Universal Creative PUC is a JavaScript API to render multiple formats. Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware. This includes the extremely popular jsdelivr hosting of this file. The maintainers of PUC unpublished version 1.17.3. Users should s...
CVE-2025-59039 Prebid Universal Creative on npm briefly compromised
Prebid Universal Creative PUC is a JavaScript API to render multiple formats. Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware. This includes the extremely popular jsdelivr hosting of this file. The maintainers of PUC unpublished version 1.17.3. Users should s...
CVE-2025-59039
The CVE-2025-59039 incident concerns Prebid Universal Creative (PUC), a JavaScript API used to render multiple formats. NPM users of PUC 1.17.3 or the latest release were briefly affected by crypto-related malware, including via the popular jsDelivr hosting of the PUC file. In response, maintaine...
CVE-2025-59039 Prebid Universal Creative on npm briefly compromised
Prebid Universal Creative PUC is a JavaScript API to render multiple formats. Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware. This includes the extremely popular jsdelivr hosting of this file. The maintainers of PUC unpublished version 1.17.3. Users should s...
CVE-2025-59039 Prebid Universal Creative on npm briefly compromised
Prebid Universal Creative PUC is a JavaScript API to render multiple formats. Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware. This includes the extremely popular jsdelivr hosting of this file. The maintainers of PUC unpublished version 1.17.3. Users should s...
PT-2025-36996
Name of the Vulnerable Software and Affected Versions: Prebid Universal Creative PUC versions 1.17.3 and latest Description: Prebid Universal Creative PUC is a JavaScript API used to render multiple formats. Npm users of PUC were briefly affected by crypto-related malware. Recommendations:...
Prebid Universal Creative 安全漏洞
Prebid Universal Creative is an interface software from Prebid Open Source. A security vulnerability exists in Prebid Universal Creative version 1.17.3, which stems from malicious code being planted in npm packages that could interfere with cryptocurrency transactions...
Embedded Malicious Code
Overview prebid-universal-creative is a javascript api to render multiple formats. This file is inserted into the prebid creative as a placeholder for the winning prebid creative. Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious...