6 matches found
Malicious code in hunimi-sathu-angifafafiug (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94aa0ced1b892ee55a491ddf9d97a4f1db1331eba3f3067181423e73a7d53814 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in lost_bobcat_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f97006bd275ff2c407949fdf97bc29924145b56db5329c3d6ef3d188ee058188 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
How Explosions Actually Kill
Wars often spark misinformation about the nature of blast trauma. Russia's unprovoked bombardment of Ukraine is no different...
Malvertisers Exploited WebKit 0-Day to Redirect Browser Users to Scam Sites
A malvertising group known as "ScamClub" exploited a zero-day vulnerability in WebKit-based browsers to inject malicious payloads that redirected users to fraudulent websites gift card scams. The attacks, first spotted by ad security firm Confiant in late June 2020, leveraged a bug CVE-2021–1801...
Doppler VDP: No rate limit into email change leads to email notification boombing to its victim.
hello team, I have tested your application and found no any rate limit into password changing mechanism which allow attacker to send unlimited number of email notification to his victim, Basically in every part of your application has implemented rate limit block system but email changing area do...
Malicious 'Blur' Photo App Campaign Discovered on Google Play
A new campaign of malicious photo apps on Google Play floods Android devices with random ads instead of functioning as advertised. They also elude detection by making its icon disappear from the device home screen soon after it’s downloaded. Researchers at the White Ops Satori Threat Intelligence...