amaranth-yosys (>=0.9.0.post3746.dev41 <=0.50.0.0.post122), arcjet (>=0.6.0 <=0.7.0a1) +64 more potentially affected by CVE-2026-34983 via wasmtime (>=0.18.2 <=43.0.0)

wasmtime PYPI version =0.18.2, =0.9.0.post3746.dev41, =0.6.0, =0.9.0, =0.1.1, =0.3.0, =3.6.1, =0.1.2, =11.28.0, =1.63.0, =1.63.0, =1.63.0, =1.63.0, =1.63.0, =1.63.0, =1.67.0 and more Source cves: CVE-2026-34983 Source advisory: OSV:PYSEC-2026-151...

China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns

Threat actors affiliated with China have been attributed to a fresh set of cyber espionage campaigns targeting government and law enforcement agencies across Southeast Asia throughout 2025. Check Point Research is tracking the previously undocumented activity cluster under the moniker...

EUVD-2025-120007

Malicious code in western-amaranth-elk npm...

EUVD-2025-117415

Malicious code in empirical-amaranth-scorpion npm...

EUVD-2025-117425

Malicious code in eastern-amaranth-eel npm...

EUVD-2025-117398

Malicious code in expected-amaranth-cattle npm...

EUVD-2025-117381

Malicious code in fiscal-amaranth-aphid npm...

EUVD-2025-117196

Malicious code in occupational-amaranth-buzzard npm...

EUVD-2025-117201

Malicious code in nursing-amaranth-kiwi npm...

Malicious code in exclusive-amaranth-leopard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8360dffed6c70e9c222c697a15ab756366193c77dff4a7f17660630761ee9db0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-117289

Malicious code in international-amaranth-booby npm...

EUVD-2025-117400

Malicious code in exclusive-amaranth-leopard npm...

EUVD-2025-117410

Malicious code in ethical-amaranth-hawk npm...

Malicious code in retired_anglerfish_amaranth-92 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f809104d1a00ff7403d1dd319017190b2097e4bfde99f2825c48964410b00e77 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-112259 Malicious code in retired_anglerfish_amaranth-92 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f809104d1a00ff7403d1dd319017190b2097e4bfde99f2825c48964410b00e77 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-74686

Malicious code in eventualwolverineamaranth-75 npm...

EUVD-2025-74292

Malicious code in retiredsquirrelamaranth-28 npm...

EUVD-2025-74273

Malicious code in secondarychickadeeamaranth-93 npm...

EUVD-2025-74252

Malicious code in shinyfoxamaranth-13 npm...

EUVD-2025-74890

Malicious code in annualwildcatamaranth-56 npm...