42 matches found
Malicious code in react-refresh-update (npm)
Package contains highly obfuscated code with dynamic execution using eval, a strong indicator of malicious intent. YARA rule matches confirm. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68cf0c0bd6ed2a8c07bc175b5c0cc7f86a49133e67dd5d8f68f37309c5f1a463 The...
Exploit for Reliance on Untrusted Inputs in a Security Decision in Microsoft
Detections for the CVE-2026-21509 vulnerability in MS Office...
Malicious code in @yoobic/jpeg-camera-es6 (npm)
Suspicious postinstall script executing bundle.js and the presence of unsignedbitwisemathexcess YARA rule match indicates malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38de35c3ae3f0f156a77b94484f3774c14c293d3e37531ec74c8277fde1ad5c7 Any computer that has...
Malicious code in yoo-styles (npm)
Suspicious postinstall script executing bundle.js and YARA rule unsignedbitwisemathexcess match strongly suggests malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9b064ef82c07e5538a3269d44de4c6750b224f665f808a5099715143c8be21e4 Any computer that h...
MAL-2025-47230 Malicious code in yoo-styles (npm)
Suspicious postinstall script executing bundle.js and YARA rule unsignedbitwisemathexcess match strongly suggests malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9b064ef82c07e5538a3269d44de4c6750b224f665f808a5099715143c8be21e4 Any computer that h...
MAL-2025-47220 Malicious code in @operato/styles (npm)
Suspicious postinstall script executing bundle.js and unsignedbitwisemathexcess YARA rule match indicates malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f85f761f5ad599532a97a4c4c64bea4910004e56178cd4081fefb3b113ed8d6d Any computer that has this...
Malicious code in @operato/styles (npm)
Suspicious postinstall script executing bundle.js and unsignedbitwisemathexcess YARA rule match indicates malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f85f761f5ad599532a97a4c4c64bea4910004e56178cd4081fefb3b113ed8d6d Any computer that has this...
Malicious code in @things-factory/integration-marketplace (npm)
Suspicious postinstall script executing bundle.js and YARA rule match on bundle.js suggests malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 707cb5e2a466e8a099c5ffaaf71fd576d658e67702737dd3dfef8dc62127aa8f Any computer that has this package...
MAL-2025-47224 Malicious code in @things-factory/integration-marketplace (npm)
Suspicious postinstall script executing bundle.js and YARA rule match on bundle.js suggests malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 707cb5e2a466e8a099c5ffaaf71fd576d658e67702737dd3dfef8dc62127aa8f Any computer that has this package...
Malicious code in @operato/headroom (npm)
Suspicious postinstall script executing bundle.js and YARA rule match unsignedbitwisemathexcess indicate malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 71e970ada08943ee1043ac40c48714a5f5c29ae9c3c5d925c6dbfff9bcc47719 Any computer that has this...
MAL-2025-47219 Malicious code in @operato/headroom (npm)
Suspicious postinstall script executing bundle.js and YARA rule match unsignedbitwisemathexcess indicate malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 71e970ada08943ee1043ac40c48714a5f5c29ae9c3c5d925c6dbfff9bcc47719 Any computer that has this...
Malicious code in @things-factory/env (npm)
Suspicious postinstall script executing bundle.js and YARA rule match on bundle.js indicate potential malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 88b8463d9fb16ac5faed1cd122997c683cc79534786bcf816139cefc13897168 Any computer that has this...
Malicious code in eslint-config-crowdstrike (npm)
Suspicious postinstall script executing bundle.js combined with unsignedbitwisemathexcess YARA rule match indicates potential malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d5700b3786b16cd76be2c86bc19af1fd76ac0dbfa6bb16f29e3837fc94598b75 Any computer that...
MAL-2025-47226 Malicious code in eslint-config-crowdstrike (npm)
Suspicious postinstall script executing bundle.js combined with unsignedbitwisemathexcess YARA rule match indicates potential malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d5700b3786b16cd76be2c86bc19af1fd76ac0dbfa6bb16f29e3837fc94598b75 Any computer that...
Malicious code in @crowdstrike/logscale-file-editor (npm)
Suspicious postinstall script executing bundle.js and YARA rule match for excessive bitwise math indicate likely malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1c0f2b92ed507c0c5be3665db16bf307e19440b594539d07854669c027545b6c Any computer that ha...
MAL-2025-47216 Malicious code in @crowdstrike/logscale-dashboard (npm)
Suspicious postinstall script executing bundle.js and unsignedbitwisemathexcess YARA rule match indicate malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9f7539ca83a2878a7b5b892aaa154843f462994bef40d9d14698dd04a2f0ffee Any computer that has this...
Malicious code in @crowdstrike/logscale-dashboard (npm)
Suspicious postinstall script executing bundle.js and unsignedbitwisemathexcess YARA rule match indicate malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9f7539ca83a2878a7b5b892aaa154843f462994bef40d9d14698dd04a2f0ffee Any computer that has this...
Malicious code in @crowdstrike/falcon-shoelace (npm)
postinstall script executes bundle.js. bundle.js triggers unsignedbitwisemathexcess YARA rule. Suspicious behavior indicates malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 035c35169c1f3c6c939e3237ce0bb606645b05601db61892b5d54cbeea095b57 Any computer that h...
MAL-2025-47215 Malicious code in @crowdstrike/falcon-shoelace (npm)
postinstall script executes bundle.js. bundle.js triggers unsignedbitwisemathexcess YARA rule. Suspicious behavior indicates malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 035c35169c1f3c6c939e3237ce0bb606645b05601db61892b5d54cbeea095b57 Any computer that h...
Security Bulletin: IBM Security QRadar Manager for YARA and SIGMA Rules App for IBM QRadar SIEM is vulnerable to using a component with a known vulnerability (CVE-2024-35195)
Summary The product includes a vulnerable component e.g., framework libraries that may be identified and exploited with automated tools. IBM has released a new version which addresses the vulnerability. Vulnerability Details CVEID:CVE-2024-35195 DESCRIPTION: Psf Requests could allow a local...