55 matches found
Malicious Package
Overview github.com/BufferZoneCorp/grpc-client is a malicious package. This package contains malicious code designed to compromise developer systems and CI environments, specifically targeting GitHub Actions. The threat actor, operating under the GitHub account BufferZoneCorp, published a cluster...
Malicious code in gauth-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 aea1fab5eb3b9422c65232e53e79eb71ba3436355601cd61e7a7b0177779df4e Package impersonates Google and attempts to exfiltrate various credential files. It also setups PTH file for automated start during Python initialization. In t...
Malicious Package
Overview @aifabrix/miso-client is a malicious package. This package was affected by the 'GlassWorm' supply chain attack. It includes a hidden malicious payload embedded with invisible Unicode characters. These characters hide a decoder that retrieves and executes a concealed payload through eval...
SUSE SLES15 / openSUSE 15 Security Update : kubernetes (SUSE-SU-2026:0325-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0325-1 advisory. This update for kubernetes rebuilds it against the current GO security release. Tenable has extracted the preceding descriptio...
Malicious code in sign-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e300b5f52fc165080a7c0a9eee170ee453c31a0419dc65e004a64b0749b699cf The package sign-client was found to contain malicious code. Source: ghsa-malware d46bf80205dc64dc9e6d65d1208f0b6e1a978d8dfdd555fbb2c9eb31805df69c An...
EUVD-2026-1985
Malicious code in @workleap-widgets/client npm...
EUVD-2025-199200
Malicious code in @varsityvibe/api-client npm...
EUVD-2025-37262
Malicious code in soxhob-client npm...
Malicious code in @item-shop-data/client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3931756a8f0da8b385e1c2b974c51fef803ddf8c0c6cb84ed0dacf3b3e6c1bd The package @item-shop-data/client was found to contain malicious code...
MAL-2025-49104 Malicious code in @item-shop-data/client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3931756a8f0da8b385e1c2b974c51fef803ddf8c0c6cb84ed0dacf3b3e6c1bd The package @item-shop-data/client was found to contain malicious code...
EUVD-2025-37189
Malicious code in @item-shop-data/client npm...
EUVD-2022-0401
Malicious code in bioql PyPI...
Malicious code in @espace-client-axafr/confirmation-screen (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in @espace-client-axafr/banniere-alerte-client (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-19278 Malicious code in ejs-client (npm)
The package ejs-client was found to contain malicious code...
MAL-2025-7948 Malicious code in @frozen-team-qa/axios-client (npm)
The package @frozen-team-qa/axios-client was found to contain malicious code...
MAL-2025-5715 Malicious code in pbr-client (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4933f0eae305db421cd46414b1773fb97338c6966af0abd06e1232ffe4c4c96f Any computer that has this package installed or running should be considered...
[SECURITY] Fedora 42 Update: guacamole-server-1.6.0-1.fc42
Guacamole is an HTML5 remote desktop gateway. Guacamole provides access to desktop environments using remote desktop protoc ols like VNC and RDP. A centralized server acts as a tunnel and proxy, allowing access to multiple desktops through a web browser. No browser plugins are needed, and no clie...
MAL-2025-5429 Malicious code in kwp-client (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c4b82674a8103c96e95f1908e00927362c610a522b8f7b8cf5c3f4eca192fef6 Any computer that has this package installed or running should be considered...
Malicious code in mdp-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9dbfb2d3ae272dd0bda3bab2d03d7f1461dc50e5b834fd48ab7510f7e55b2a5d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...