24 matches found
Multiple Node.js Modules compromised in supply chain attack to steal crypto (08/09/2025)
The remote host has a version of one or more Node.js modules installed known to be compromised in a supply chain attack. The following Node.js modules are known to be affected: 'backslash', 'chalk', 'debug', 'chalk-template', 'supports-hyperlinks', 'has-ansi', 'simple-swizzle', 'color-string',...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code activates a hook whenever a Web3 wallet is present...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code activates a hook whenever a Web3 wallet is present...
Embedded Malicious Code
Overview backslash is a parse string escapes \n, \r, etc. Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code...
Embedded Malicious Code
Overview @duckdb/node-api is an API for using DuckDB in Node. Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code...
Embedded Malicious Code
Overview duckdb is a Node.js API for DuckDB, the "SQLite for Analytics". The API for this client is somewhat compliant to the SQLite Node.js client for easier transition and transition you must eventually. Affected versions of this package are vulnerable to Embedded Malicious Code. This package...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code activates a hook whenever a Web3 wallet is present...
Embedded Malicious Code
Overview prebid-universal-creative is a javascript api to render multiple formats. This file is inserted into the prebid creative as a placeholder for the winning prebid creative. Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code activates a hook whenever a Web3 wallet is present...
Embedded Malicious Code
Overview @duckdb/node-api is an API for using DuckDB in Node. Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code activates a hook whenever a Web3 wallet is present...
Embedded Malicious Code
Overview prebid is a malicious package. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code activates a hook whenever a Web3 wallet is present. Once triggered, it intercepts and alters any...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code activates a hook whenever a Web3 wallet is present...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code activates a hook whenever a Web3 wallet is present...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code activates a hook whenever a Web3 wallet is present...
Embedded Malicious Code
Overview @duckdb/duckdb-wasm is an in-process analytical SQL database for the browser. It is powered by WebAssembly, speaks Arrow fluently, reads Parquet, CSV and JSON files backed by Filesystem APIs or HTTP requests and has been tested with Chrome, Firefox, Safari and Node.js. Affected versions ...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code activates a hook whenever a Web3 wallet is present...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code activates a hook whenever a Web3 wallet is present...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code activates a hook whenever a Web3 wallet is present...
Embedded Malicious Code
Overview backslash is a parse string escapes \n, \r, etc. Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code...