CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Hacker News•added 2026/04/22 7:58 a.m.•8 views

Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles

Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that's distributed via a theme related to India's banking sector. "The backdoor communicates with a dynamic DNS-based command-and-control server over HTTPS and supports remote shell access, file operations...

6AI score

Exploits0

The Hacker News•added 2026/04/21 12:45 p.m.•7 views

NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs

Cybersecurity researchers have discovered a new iteration of an Android malware family called NGate that has been found to abuse a legitimate application called HandyPay instead of NFCGate. "The threat actors took the app, which is used to relay NFC data, and patched it with malicious code that...

OSSF Malicious Packages•added 2026/04/17 8:6 a.m.•4 views

Exploits0

Malicious code in solanakit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3e8770458eab636335241e359b6cee149cc00640fb2418b4462c89ec88accc93 During import, the code downloads and starts a malicious package hosted on GitHub. It then first ensures persistency e.g., through the autostart registry key...

OSV•added 2026/04/16 9:15 p.m.•3 views

MAL-2026-2820 Malicious code in chainutils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 149995e4a1c4d289fa58be2adcab4095dca7c429097ad6735afef8270e7e4cb3 During import, package triggers malicious code. First, it ensures persistency e.g., through the autostart registry key. Then, based on the encrypted config, an...

OSSF Malicious Packages•added 2026/04/16 8:36 p.m.•5 views

Malicious code in chai-as-ide (npm)

chai-as-ide is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/244f4de235f04fbcd51a and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

5.4AI score

OSSF Malicious Packages•added 2026/04/16 8:36 p.m.•5 views

Malicious code in chai-as-init (npm)

chai-as-init is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/c2e881b8bc0fe2121454 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

6.2AI score

Exploits0References4

OSSF Malicious Packages•added 2026/04/16 8:36 p.m.•6 views

Malicious code in chai-as-optimized (npm)

chai-as-optimized is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/0ac7efbc0b6b1a53b305 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

OSV•added 2026/04/16 8:36 p.m.•4 views

MAL-2026-2895 Malicious code in chai-as-optimized (npm)

OSV•added 2026/04/16 8:36 p.m.•10 views

MAL-2026-2890 Malicious code in chai-as-ide (npm)

5.5AI score

OSV•added 2026/04/16 5:48 p.m.•1 views

MAL-2026-2819 Malicious code in pynosist (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ef7a4db1443361fe93b268c7ad8f38c5c290d5334162b57c2b534c97acbc2b5d The campaign is built from a benign-like package e.g. genosys and the malicious dependency e.g. pynosist. The dependency uses a PTH file to trigger malicious...

5.9AI score

OSV•added 2026/04/16 5:48 p.m.•2 views

MAL-2026-2818 Malicious code in genosys (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2fb27cde30ea3d834e3160e37c203a1f8a271435cf92316a990766c5b8b9791c The campaign is built from a benign-like package e.g. genosys and the malicious dependency e.g. pynosist. The dependency uses a PTH file to trigger malicious...

5.9AI score

OSSF Malicious Packages•added 2026/04/16 1:34 a.m.•4 views

Malicious code in pretty-logger-js (npm)

pretty-logger-js is a malicious npm package that when imported downloads and executes a C2 dropper from https://www.jsonkeeper.com/b/OTOAQ. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29e46da449e6d21efcef5e9975a2f8e90c31369882800ed4c560ae47ade99b53 The packa...

OSV•added 2026/04/16 1:34 a.m.•5 views

MAL-2026-2913 Malicious code in vite-plugin-compress-plus (npm)

vite-plugin-compress-plus is a malicious npm package that when imported downloads and executes a C2 dropper from https://www.jsonkeeper.com/b/OTOAQ. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65e37bfe23d9bb451691cffd0333e0900835c8982785dde1908973adf2beaa7a...

OSV•added 2026/04/16 1:34 a.m.•2 views

Exploits0

MAL-2026-2908 Malicious code in pretty-logger-js (npm)

OSSF Malicious Packages•added 2026/04/15 11:43 p.m.•4 views

Malicious code in tailwind-typography-cssstyle (npm)

tailwind-typography-cssstyle is a malicious npm package that when imported downloads a C2 dropper part of PolinRider campaign from crypto transactions and executes it. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

OSSF Malicious Packages•added 2026/04/15 11:43 p.m.•4 views

Malicious code in tailwindthml-flips (npm)

tailwindthml-flips is a malicious npm package that when imported downloads a C2 dropper part of PolinRider campaign from crypto transactions and executes it. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

OSSF Malicious Packages•added 2026/04/15 11:43 p.m.•5 views

Malicious code in trgrip (npm)

trgrip is a malicious npm package that when imported downloads a C2 dropper from https://44.206.172.239:7443/direct/download/97900a0e-c691-483a-a988-97b76f205c0f and executes it. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

OSV•added 2026/04/15 11:43 p.m.•2 views

MAL-2026-2912 Malicious code in trgrip (npm)

OSV•added 2026/04/15 11:43 p.m.•5 views

MAL-2026-2909 Malicious code in tailwind-typography-cssstyle (npm)