Lucene search
K

21 matches found

The Hacker News
The Hacker News
added 2026/05/20 11:38 a.m.26 views

GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos

GitHub on Tuesday said it's investigating unauthorized access to its internal repositories after the notorious threat actor known as TeamPCP listed the platform's source code and internal organizations for sale on a cybercrime forum. "While we currently have no evidence of impact to customer...

6.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 5:0 a.m.16 views

Malicious code in @starmind/collector-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33a028c205d18a30d3ff150b1653336fefa0ac86a6e5242811b6fb2c3283af21 The package @starmind/collector-cli was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.17 views

Malicious code in @antv/adjust (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSV
OSV
added 2026/05/19 12:0 a.m.13 views

MAL-2026-3979 Malicious code in @antv/g2-ssr (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 5:49 a.m.17 views

Malicious code in @ml-toolkit-ts/preprocessing (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

5.8AI score
Exploits0References5
OSV
OSV
added 2026/05/12 4:33 a.m.16 views

MAL-2026-3573 Malicious code in @uipath/rpa-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 27baf6f8e722fd9803bff5f0d455ae5867fcf87135864df02a6f269cccf659fe Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSV
OSV
added 2026/05/12 4:27 a.m.10 views

MAL-2026-3566 Malicious code in @uipath/platform-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 89f494a30a8fe1637198b531a2c267ebb3aedf5d0c537afc1f12ea2186ef1d1f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSV
OSV
added 2026/05/12 4:24 a.m.7 views

MAL-2026-3562 Malicious code in @uipath/packager-tool-functions (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ecd70af63416c44f0ddb62846ccd313a62afda6fb1664a7cc989789cd983a6cf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 4:22 a.m.8 views

Malicious code in @uipath/packager-tool-bpmn (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a5692c6b042a5bcb1332d3c1efb3db46428eaab10fea07d84883480c041d835 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSV
OSV
added 2026/05/12 4:22 a.m.7 views

MAL-2026-3558 Malicious code in @uipath/packager-tool-bpmn (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a5692c6b042a5bcb1332d3c1efb3db46428eaab10fea07d84883480c041d835 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 4:20 a.m.9 views

Malicious code in @uipath/maestro-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6885645b867aaec1056710aae316b39c7601e17728f7e35b391f02198b3832b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 3:33 a.m.10 views

Malicious code in @uipath/flow-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c8016b3433ca7e37f6e4ac3a263a05fd7ba16ce1f652615018abffe280623d21 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSV
OSV
added 2026/05/12 3:32 a.m.5 views

MAL-2026-3544 Malicious code in @uipath/filesystem (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 146d5edb9ab8fea89bfb60b8ae01c6c1e8e0fea9e6332121cf3922f4d23546df Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 3:32 a.m.8 views

Malicious code in @uipath/docsai-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2df6b51f1b5589ef118d9b34d60200e0355bd43fe0ee8cd461f222b6a7f0bcbc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 3:31 a.m.10 views

Malicious code in @uipath/data-fabric-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 564bdc51544f234731435ede11d7239b9b2035872b6083e88795bd64734bb58a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 3:26 a.m.14 views

Malicious code in @uipath/apollo-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 235b3abc1afad9d8a47430183286bbef61e16f74be20b29c7d967a8d528ecdf4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/26 6:18 a.m.18 views

Malicious code in checkmarx.ast-results (VSCode:https://open-vsx.org)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 3205937565e6fad63cbece12a8463cd52f3e95c10ac99ab7e62a317e9c18717a This extension is a compromised version of the offical Checkmarx VSCode extensions available on the Microsoft Marketplace, by the TeamPCP...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/26 12:33 a.m.8 views

Malicious code in @emilgroup/commission-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88cda98ba417752b6bf4aef7eb0ecf7410017226165423202ca4d5886f370478 The package @emilgroup/commission-sdk was found to contain malicious code. Source: google-open-source-security...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/03/26 12:33 a.m.5 views

MAL-2026-2207 Malicious code in @emilgroup/process-manager-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc09d1561452ec50af226b10199a75b846e64e16ccbd9ff7757bf0e4a769d0c2 The package @emilgroup/process-manager-sdk-node was found to contain malicious code. Source: google-open-source-security...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/03/26 12:33 a.m.3 views

MAL-2026-2203 Malicious code in @emilgroup/discount-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98b66c2b21da822102c367293fd9acc95e864afb9bb8ddebcb3ac0d49ccf583e The package @emilgroup/discount-sdk-node was found to contain malicious code. Source: google-open-source-security...

5.9AI score
Exploits0References3
Rows per page
Query Builder