Malicious code in @redhat-cloud-services/tsc-transform-imports (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

MAL-2026-2911 Malicious code in terminal-formatter (npm)

terminal-formatter is a malicious npm package that when installed postinstall-hook or imported sends local env variables, files and bash history to https://ghostraper.top and registers a new ssh key in .ssh/authorizedkeys. --- -= Per source details. Do not edit below this line.=- Source:...

Malicious code in terminal-formatter (npm)

terminal-formatter is a malicious npm package that when installed postinstall-hook or imported sends local env variables, files and bash history to https://ghostraper.top and registers a new ssh key in .ssh/authorizedkeys. --- -= Per source details. Do not edit below this line.=- Source:...

CVE-2026-0383 Information disclosure in Brocade Fabric OS before 9.2.1c2, 9.2.2 through 9.2.2a and 10.0.0

A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...

EUVD-2018-0374

Malware in sbrugna...

EUVD-2018-0412

Malware in sbrugna...

EUVD-2018-0410

Malware in sbrugna...

EUVD-2018-0405

Malware in sbrugna...

Project-Frame-Jacking-The-Gallery-Heist

Executive Summary A comprehensive penetration test was conduc...

Malicious Code Bombs Target Amazon, Lyft, Slack, Zillow

Researchers have spotted malicious packages targeting internal applications for Amazon, Lyft, Slack and Zillow among others inside the npm public code repository — all of which exfiltrate sensitive information. The packages weaponize a proof-of-concept PoC code dependency-confusion exploit that w...

Mail.ru: Bash History file log

Researcher found a publicly accessible .bashhistory file on one of servers. File contained commands without sensitive data in them...

0xsp-Mongoose - Privilege Escalation Enumeration Toolkit (ELF 64/32), Fast, Intelligent Enumeration With Web API Integration

Using 0xsp mongoose you will be able to scan a targeted operating system for any possible way for privilege escalation attacks, starting from collecting information stage until reporting information through 0xsp Web Application API. user will be able to scan different Linux os system at the same...

jquey is malware

The jquey package is malware that attempts to discover and exfiltrate sensitive data such as a user's private SSH key and bash history, sending them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation If you have found jquey installed in your...

GHSA-6FJR-M7V6-FPG9 jquey is malware

The jquey package is malware that attempts to discover and exfiltrate sensitive data such as a user's private SSH key and bash history, sending them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation If you have found jquey installed in your...

coffescript is malware

The coffescript package is a piece of malware that steals sensitive data such as a user's private SSH key and bash history, sending them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation If you have found coffescript installed in your...

GHSA-C9RJ-PGXV-84JC cofee-script is malware

The cofee-script package is a piece of malware that steals sensitive data such as a user's private SSH key and bash history, sending them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation If you have found cofee-script installed in your...

cofee-script is malware

The cofee-script package is a piece of malware that steals sensitive data such as a user's private SSH key and bash history, sending them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation If you have found cofee-script installed in your...

coffe-script is malware

The coffe-script package is a piece of malware that steals sensitive data such as a user's private SSH key and bash history, sending them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation If you have found coffe-script installed in your...

GHSA-M6WH-M8M8-6XX5 cofeescript is malware

The cofeescript package is a piece of malware that steals sensitive data such as a user's private SSH key and bash history, sending them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation If you have found cofeescript installed in your...

Malicious Typo-Squatting

jquey is a maliciously typo-squatting package. During the installation of this package, the user’s private SSH key and bash history are set to a third party server...