27 matches found
Malicious code in @redhat-cloud-services/topological-inventory-client (npm)
Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...
Malicious code in @puppeteer/browsers (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 76482d9b1a887d0692b8dd6aab8071a8d96388a065c1e512999107e4c4e9cd54 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in puzzle-asset (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa20758e3fc1eaf5b167758e00f73f4f8cead459061a4971f7358e8aa7f436b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-1572 Malicious code in transform-new-target (npm)
The package 'transform-new-target' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
MAL-2026-1113 Malicious code in typoriem (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e473ba3785bff62ce2994c6f09309570eea69282acc5438f015d85ca0e61cf5c The package typoriem was found to contain malicious code. Source: ghsa-malware 4dfd9fb9cb096af0fd4d1db216d08d1ae5592ef63c0c97c66a491b00ebdde43e Any...
MAL-2025-48554 Malicious code in js-repack (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d7a80a1c4ce3e508e53f6fbcff1d53486d344d5e88efb691abaad37cc22759f9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48113 Malicious code in redirect-1ubpyu (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dbb4f39103b7a3e69cc2d67cfe0d4c492f1f9e60b623136b6ee80ffc0646e1bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in redirect-nuyvwk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 35133a0ea653785ed6a6339636f560ca0db12d687272233f4a250d7931cc1f29 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
ReVault! When your SoC turns against you…
Talos reported 5 vulnerabilities to Broadcom and Dell affecting both the ControlVault3 Firmware and its associated Windows APIs that we are calling "ReVault". 100+ models of Dell Laptops are affected by this vulnerability if left unpatched. The ReVault attack can be used as a post-compromise...
Malicious code in @loybung/utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9e4ad6dc27f068d9c2140a021ffc400d65281d8cb3bc6f19890e071c25e51492 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in js-lib-const (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 02a729f8e6b9c15dea0d5d98728a6fa1585580d7c06587bd998cfb8e8a17760b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in toc-generator-markdown (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 78aba0f665dc55e94b5a5dc3b90ce2d371080c1acda0c4565429afcfb9ba4fe6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in wavs-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 23292d68d4faeef5d972ec10be124e29ba31892999b6d475b00b150885570d5e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @diotoborg/repellendus-autem-itaque (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 664444214d41096002c44a914fcad118c722f2abda37e5478060fe76df352b75 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @zitterorg/modi-non-tenetur (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0f123b4783b15ff1100236cef19ddfeadc3ae6ed40f4efb218047a4d514e9591 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ozon-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e6a05e800a141f7c456358b5d20b4e3cebc65f9d0229d0024fae5b1e51ed1e51 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in discord-logs-v14 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6dbe55f1c7c7a2f1783114a88a3045cdb6a0b355459aa66c2c364e68f396466e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in dark-warriors-promise-the-children-of-the-gods-8-by-it-lucas-on-audible-new-edition- (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0d8775886a3d9648305bf330fb02cd6f1fdb7ccb78a5bd3a67441d1e40fd9004 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in new_cracker_element_3d_after_effect_cs6_new_crack_dzr (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dc16e2fa8f77b7b5b69892932b891a79c37db955251c14795854110692e68963 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ca-bucky-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8ee4afc99c3034156d15adbc02cd1378995ce9c095545e9d6bbd8465f8d666cd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...