Lucene search
K

7 matches found

Snyk
Snyk
added 2026/04/22 12:29 p.m.6 views

Embedded Malicious Code

Overview xinference is a powerful and versatile library designed to serve language, speech recognition, and multimodal models. With Xorbits Inference, you can effortlessly deploy and serve your or state-of-the-art built-in models using just a single command. Whether you are a researcher, develope...

9.8CVSS5.5AI score
Exploits0References2
OSV
OSV
added 2026/04/08 4:19 a.m.2 views

MAL-2026-2507 Malicious code in @fairwords/loopback-connector-es (npm)

The @fairwords/loopback-connector-es package was compromised as part of the TeamPCP/CanisterWorm campaign. A postinstall hook executes node scripts/check-env.js || true which performs multi-stage credential harvesting, encrypted exfiltration, and self-propagation. The payload harvests 40+...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/26 12:33 a.m.5 views

Malicious code in @emilgroup/discount-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98b66c2b21da822102c367293fd9acc95e864afb9bb8ddebcb3ac0d49ccf583e The package @emilgroup/discount-sdk-node was found to contain malicious code. Source: google-open-source-security...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/03/26 12:33 a.m.4 views

MAL-2026-2202 Malicious code in @emilgroup/commission-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88cda98ba417752b6bf4aef7eb0ecf7410017226165423202ca4d5886f370478 The package @emilgroup/commission-sdk was found to contain malicious code. Source: google-open-source-security...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/03/26 12:33 a.m.3 views

MAL-2026-2206 Malicious code in @emilgroup/process-manager-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c387184509fe5ed2657f553bc35f51353adfe2f37b6b1a4817cec868cb653cf The package @emilgroup/process-manager-sdk was found to contain malicious code. Source: google-open-source-security...

5.9AI score
Exploits0References3
The Hacker News
The Hacker News
added 2026/03/23 1:14 p.m.14 views

⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More

Another week, another reminder that the internet is still a mess. Systems people thought were secure are being broken in simple ways, showing many still ignore basic advisories. This edition covers a mix of issues: supply chain attacks hitting CI/CD setups, long-abused IoT devices being shut down...

10CVSS7.4AI score0.98412EPSS
Exploits51
The Hacker News
The Hacker News
added 2026/03/23 8:31 a.m.9 views

Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper

Cybersecurity researchers have uncovered malicious artifacts distributed via Docker Hub following the Trivy supply chain attack, highlighting the widening blast radius across developer environments. The last known clean release of Trivy on Docker Hub is 0.69.3. The malicious versions 0.69.4,...

9.4CVSS6.2AI score0.60368EPSS
Exploits2
Rows per page
Query Builder