7 matches found
org.webjars.npm:browser-sync-ui (=2.27.11), org.webjars.npm:nestjs__platform-socket.io (=9.0.0-next.2) +3 more potentially affected by CVE-2026-33151 via org.webjars.npm:socket.io-parser (>=2.3.1 <=4.2.5)
org.webjars.npm:socket.io-parser MAVEN version =2.3.1, =0.3.1, =0.5.0 - org.webjars.npm:socket.io-client =4.8.3 Source cves: CVE-2026-33151 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15680279...
EUVD-2025-199318
Malicious code in @fishingbooker/browser-sync-plugin npm...
Malicious code in @fishingbooker/browser-sync-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79d64a6878784c34ef61c163e69714d7ac73721da8790b37ad02be83ec6246af The package @fishingbooker/browser-sync-plugin was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191220 Malicious code in @fishingbooker/browser-sync-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79d64a6878784c34ef61c163e69714d7ac73721da8790b37ad02be83ec6246af The package @fishingbooker/browser-sync-plugin was found to contain malicious code. Source: ghsa-malware...
Malicious code in browser-sync-task-runner (npm)
The package browser-sync-task-runner was found to contain malicious code...
MAL-2025-16199 Malicious code in browser-sync-task-runner (npm)
The package browser-sync-task-runner was found to contain malicious code...
A week in security (February 1 – February 7)
Last week on Malwarebytes Labs, we dug into a load of security events. We first peered into how Fonix ransomware was giving up the ghost, swearing off a life of crime and even apologizing for past actions. We looked at a credit card skimmer that found opportunity in the latest Magento 1 hacking...