browser-forms (>=0.0.1 <=0.0.2), express-stormpath (>=0.1.0 <=0.5.8) +4 more potentially affected by CVE-2021-23388 via forms (>=0.1.0 <=1.1.4)

forms NPM version =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =0.3.1, =0.0.1, =0.1.1 Source cves: CVE-2021-23388 Source advisory: OSV:GHSA-C56F-GRV3-GPFR...

Malicious Package

modlibrary is a malicious package. The package contains code that when executed in the browser, would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl=...

Think Safer

Not even a techno-religion is immune from security snafus, as the folks at Apple are steadily discovering. After years of watching the bad guys use crimeware kits like Zeus against Microsoft, the iGang finally got a malware construction tool to call its own in May of this year. Modeled on the...