Lucene search
K

605 matches found

The Hacker News
The Hacker News
added 2025/12/01 12:47 p.m.18 views

⚡ Weekly Recap: Hot CVEs, npm Worm Returns, Firefox RCE, M365 Email Raid & More

Hackers aren't kicking down the door anymore. They just use the same tools we use every day — code packages, cloud accounts, email, chat, phones, and "trusted" partners — and turn them against us. One bad download can leak your keys. One weak vendor can expose many customers at once. One guest...

9.8CVSS10AI score0.99962EPSS
Exploits26
Snyk
Snyk
added 2025/11/27 3:49 p.m.2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The package was flagged as malicious during the Sha1-hulud supply chain attack. Although the Sha1-hulud IoCs are not present within the package, the contents of the affected version were removed from the officia...

9.8CVSS6.8AI score
Exploits0References3
Snyk
Snyk
added 2025/11/27 3:49 p.m.2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The package was flagged as malicious during the Sha1-hulud supply chain attack. Although the Sha1-hulud IoCs are not present within the package, the contents of the affected version were removed from the officia...

9.8CVSS6.8AI score
Exploits0References3
Snyk
Snyk
added 2025/11/27 3:49 p.m.4 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The package was flagged as malicious during the Sha1-hulud supply chain attack. Although the Sha1-hulud IoCs are not present within the package, the contents of the affected version were removed from the officia...

9.8CVSS6.8AI score
Exploits0References3
Snyk
Snyk
added 2025/11/27 3:49 p.m.3 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The package was flagged as malicious during the Sha1-hulud supply chain attack. Although the Sha1-hulud IoCs are not present within the package, the contents of the affected version were removed from the officia...

9.8CVSS6.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/26 2:42 a.m.13 views

Malicious code in @lokeswari-satyanarayanan/rn-zustand-expo-template (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73fe3bd99e2f11ab8bb09a9086c4dca8af56372031492ed11d90f1e32a0e8f53 The package @lokeswari-satyanarayanan/rn-zustand-expo-template was found to contain malicious code. Source: google-open-source-security...

6.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:16 a.m.5 views

Malicious code in @oku-ui/toolbar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03a495471a804035cd3e91e35335246931ccea65636ad279226ab2a39b0f1283 The package @oku-ui/toolbar was found to contain malicious code. Source: google-open-source-security...

6.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:16 a.m.6 views

Malicious code in pkg-readme (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfc479ddf04c9b4dccdd1b190ab6a553b8b70b35dd010db9a2f6facee0990c78 The package pkg-readme was found to contain malicious code. Source: ghsa-malware 1367f46db577db5123a8d208e0f5d172747a39e623e7c33db0a7e240d28f9d2a Any...

6.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:16 a.m.8 views

Malicious code in @dev-blinq/ui-systems (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ce530512b608913637db50ce0058d08d5afb8173c8b5968023c9b9665bcde49 The package @dev-blinq/ui-systems was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:16 a.m.5 views

Malicious code in @oku-ui/portal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0711033d654f75b42d8959721555bcf5aa5fb766ccc12b6e89c56eef0d8cafd The package @oku-ui/portal was found to contain malicious code. Source: google-open-source-security...

6.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:16 a.m.5 views

Malicious code in @voiceflow/verror (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81b5a50b0295fd87094117e38841e99bba0c11d47626ee9ced19ea9e7547d08e The package @voiceflow/verror was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:16 a.m.5 views

Malicious code in @productdevbook/animejs-vue (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c2acfd4cc90c6efaba5b4ac9fffbeb99c09185946aa16771401d7227d137c24 The package @productdevbook/animejs-vue was found to contain malicious code. Source: google-open-source-security...

6.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:16 a.m.5 views

Malicious code in @silgi/scalar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 718db30ae906e5148f4892029a4e6e20c813dfa5ef8eb9a76a46b1c1769445d3 The package @silgi/scalar was found to contain malicious code. Source: google-open-source-security...

6.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:16 a.m.7 views

Malicious code in @voiceflow/voiceflow-types (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64870c57f06fc059636a3136cce3f775121952fa37459d740810067378d88c0e The package @voiceflow/voiceflow-types was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:16 a.m.5 views

Malicious code in @pergel/module-graphql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ce0c82f79656be99edeef5afbd890a8a5720c0a0e6acbdd2ce273ed8c151c2c The package @pergel/module-graphql was found to contain malicious code. Source: google-open-source-security...

6.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:16 a.m.6 views

Malicious code in selenium-session-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c213ecffb94ad5db9053c2dcf20681d6fe3a5baa0b8ed42d87e01c7ef930a704 The package selenium-session-client was found to contain malicious code. Source: google-open-source-security...

6.9AI score
Exploits0References9
OSV
OSV
added 2025/11/25 12:16 a.m.1 views

MAL-2025-191351 Malicious code in @voiceflow/google-dfes-types (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04a5078499c9ba131d593044169dbb0a8f814c085d73c4823872c41430f8fad2 The package @voiceflow/google-dfes-types was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
OSV
OSV
added 2025/11/25 12:16 a.m.2 views

MAL-2025-191288 Malicious code in @pergel/nuxt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 254d004d3481a4de85486f384ce71966afc1887442207235accfc350ceab39cc The package @pergel/nuxt was found to contain malicious code. Source: google-open-source-security...

6.8AI score
Exploits0References3
OSV
OSV
added 2025/11/25 12:16 a.m.3 views

MAL-2025-191241 Malicious code in @livecms/live-edit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c7809db8bb669af7eb4bdecf71a153df39183ffffcccedc22eb5a123491bfd9 The package @livecms/live-edit was found to contain malicious code. Source: google-open-source-security...

6.8AI score
Exploits0References3
OSV
OSV
added 2025/11/25 12:16 a.m.2 views

MAL-2025-191369 Malicious code in @voiceflow/runtime-client-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 399cfa81f7df3be9a57cf73e053fc5c3b7ec6da696f118e61290475fbf9aa4cd The package @voiceflow/runtime-client-js was found to contain malicious code. Source: google-open-source-security...

6.8AI score
Exploits0References3
Rows per page
Query Builder