Malicious code in chai-promised-await (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4af3ac4bdf4f878612b66ee0cad227e2bef184fe763ff80478fc0905107d3edb The package chai-promised-await was found to contain malicious code...

MAL-2026-1677 Malicious code in chai-cli-async (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d9f4be84db26d0ce71d5bcfda424b1af08abddc37c23d3a2ef2b4263534fde2 The package chai-cli-async was found to contain malicious code...

CVE-2025-41258

creationtimestamp| type| source ---|---|--- 2026-03-18 12:40:01+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhdj22ksx42c 2026-03-25 13:40:10+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mhv7o2bym32i...

MAL-2026-1649 Malicious code in advertising-podlet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bb234dd090695707ab05d6b4726b89a073ae2f517cad9b2fb7069aa58d08360 The package advertising-podlet was found to contain malicious code...

MAL-2026-1648 Malicious code in advertising-events (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9e784ce1a0573b476f4232dcdc6136efaa217d3483765875dbea0aae015542d The package advertising-events was found to contain malicious code...

MAL-2026-1647 Malicious code in adobe-tracking (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ea7322d0f5d2ca7aa6671313fe1f8f467c5db667987215e36535698aa5885df The package adobe-tracking was found to contain malicious code...

Malicious code in @panopto/api-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02e9e606e2aef11de752a18ad63f5772f485bb0fd40f66cc61b2e0f9a5ffe26f The package @panopto/api-core was found to contain malicious code...

MAL-2026-1618 Malicious code in @f5rest/odata-lens (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cc3c0ba56ae7cb9905be55c656786aa9987166dcad2e4d6e4d273134018c90e The package @f5rest/odata-lens was found to contain malicious code...

Malicious code in @f5rest/icr-metadata-generator (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 997e0d3cb7fd000b08e52b7679e870d2ade8d698b16aeec6f2497aae10bea376 The package @f5rest/icr-metadata-generator was found to contain malicious code...

MAL-2026-1603 Malicious code in @emerald-react/checkbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73d32a1bb5753affaccc3f875ba482d2565c062a5eb65862620595a84309ff3f The package @emerald-react/checkbox was found to contain malicious code...

MAL-2026-1592 Malicious code in @cbreone/survey-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa512020ca8dd602c54abcdc6b69379bc5656423a35dabd5200db0e3b8af7fd6 The package @cbreone/survey-ui was found to contain malicious code...

Malicious code in @at-point/valiant-widgets-v2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87532b33037ce0d72b75f2ca654c5b66bf97048b3d1226ca6bdb396af6670c4a The package @at-point/valiant-widgets-v2 was found to contain malicious code...

MAL-2026-1914 Malicious code in tabullate (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in async-substrate-interface-sub (PyPI)

--- -= Per source details. Do not edit below this line.=-...

CISA Urges Endpoint Management System Hardening After Cyberattack Against US Organization

CISA is aware of malicious cyber activity targeting endpoint management systems of U.S. organizations based on the March 11, 2026 cyberattack against U.S.-based medical technology firm Stryker Corporation, which affected their Microsoft environment.1 To defend against similar malicious cyber...

The SOC Files: Time to “Sapecar”. Unpacking a new Horabot campaign in Mexico

Introduction In this installment of our SOC Files series, we will walk you through a targeted campaign that our MDR team identified and hunted down a few months ago. It involves a threat known as Horabot , a bundle consisting of an infamous banking Trojan, an email spreader, and a notably complex...

CVE-2026-4366

creationtimestamp| type| source ---|---|--- 2026-03-18 03:17:32+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-4366...

CVE-2026-33189

creationtimestamp| type| source ---|---|--- 2026-03-18 03:17:29+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-33189...

CVE-2026-33188

creationtimestamp| type| source ---|---|--- 2026-03-18 03:17:29+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-33188...

CVE-2026-33058

creationtimestamp| type| source ---|---|--- 2026-03-18 03:17:27+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-33058 2026-03-18 16:34:17+00:00| seen| https://bsky.app/profile/cydave.bsky.social/post/3mhdw4uc4w225 2026-03-19 09:28:13+00:00| seen|...