Malicious code in ancestry-unified-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 654a8c92f4dee2f432b77c84c15e3926d913e506e58375a0958c08cc53ff134b The package ancestry-unified-logger was found to contain malicious code. Source: ossf-package-analysis...

MAL-2025-190549 Malicious code in ancestry-unified-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 654a8c92f4dee2f432b77c84c15e3926d913e506e58375a0958c08cc53ff134b The package ancestry-unified-logger was found to contain malicious code. Source: ossf-package-analysis...

EUVD-2025-197876

Malicious code in ancestry-unified-logger npm...

EUVD-2025-32113

Malicious code in bioql PyPI...

EUVD-2025-32112

Malicious code in bioql PyPI...

Malicious code in ancestry-axios (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 71501ecab204074038c46b64372fcfd400a8f1b7375edff35e29d5b6bbe7500a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in ancestry-header-footer-proxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a91f13b12dd2c038ea932a4b439d5a9c46856babdb64d5e4c6671cb31d1bd59e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview ancestry-header-footer-proxy is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious Package

Overview ancestry-axios is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2025-47877 Malicious code in ancestry-axios (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 71501ecab204074038c46b64372fcfd400a8f1b7375edff35e29d5b6bbe7500a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-47878 Malicious code in ancestry-header-footer-proxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a91f13b12dd2c038ea932a4b439d5a9c46856babdb64d5e4c6671cb31d1bd59e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

23andMe to pay $30 million in settlement over 2023 data breach

Genetic testing company 23andMe will pay $30 million to settle a class action lawsuit over a 2023 data breach which ended in some customers having information like names, birth years, and ancestry information exposed. In October 2023, we reported on how information belonging to as many as seven...

Latrodectus Malware Loader Emerges as IcedID's Successor in Phishing Campaigns

Cybersecurity researchers have observed a spike in email phishing campaigns starting early March 2024 that delivers Latrodectus, a nascent malware loader believed to be the successor to the IcedID malware. "These campaigns typically involve a recognizable infection chain involving oversized...

CVE-2018-1000156

GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITORPROGRAM invocation using ed can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's...

wc.rootsweb.ancestry.com XSS vulnerability

Vulnerable URL: http://wc.rootsweb.ancestry.com/cgi-bin/igm.cgi?op=SRCH=cbry=Keritzy%22%3EKeirtzy%3Cimg%20src=x%20onerror=prompt/XSSPOSED/%3EQ Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...

ancestry.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-440392 Description| Value ---|--- Affected Website:| ancestry.co.uk Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...

ancestry.co.uk XSS vulnerability

Vulnerable URL: http://www.ancestry.co.uk/2/ShareHandler.ashx?f=GetPostingPage=Findxmzkb"...

ancestry.fr XSS vulnerability

Vulnerable URL: http://www.ancestry.fr/ShareHandler.ashx?retUrl=data:text/html;base64,PHNjcmlwdD5wcm9tcHQoL09QRU5CVUdCT1VOVFkvKTwvc2NyaXB0Pg==Lewis Details: Description| Value ---|--- Patched:| No Latest check for patch:| 18.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclos...

ancestry.co.uk XSS vulnerability

Vulnerable URL: http://www.ancestry.co.uk/ShareHandler.ashx?retUrl=data:text/html;base64,PHNjcmlwdD5wcm9tcHQoL09QRU5CVUdCT1VOVFkvKTwvc2NyaXB0Pg== Details: Description| Value ---|--- Patched:| No Latest check for patch:| 17.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...

ancestry.se XSS vulnerability

Vulnerable URL: http://www.ancestry.se/ShareHandler.ashx?retUrl=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTUE9TRUQnKTwvc2NyaXB0Pg== Details: Description| Value ---|--- Patched:| No Latest check for patch:| 17.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank...