134 matches found
MAL-2022-5726 Malicious code in reduce-adapter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f4bbda58ef21daed386389cfdb52a4cbe3e2ca0e722e52ebe4a36d7666465b6f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2258 Malicious code in cryptomkt-adapter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2d8eb7c9fbdad56f99d756c738658adab42229b22e3f75b6c81078754a4babfe Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2010 Malicious code in colors-3.0 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 903f0423bac44c331c63794316072af1738ba2a5caf7d98480dd69fad5c1acfd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5582 Malicious code in random-vouchercode-generator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6bbacfc884557460a66c2cfc6df6b2615f6de1009a2aa4305e728411f9212fcd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6960 Malicious code in voicemail-main-fsm (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 90ed83674650961e5a0e991ff16430ef0df969b6e843db3202f67a8c78bc9aee Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5118 Malicious code in orbit-tracking (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b514c540f5d1347c7573a09c60655ff0d5981f14a3e86f7d0bfe30316c2e2894 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4384 Malicious code in logquery (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware db1ab5b83068c39417c440003cbb837f38e0f49eeeae4445d3a773983654789a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1570 Malicious code in bigid-permissions (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f0b6c506e72badf97a60845ef30f644152a83527656d2899543edc54de0e375f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-637 Malicious code in @thecheesecakefactory/fetlife-assets (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 71fabb31bb50cd76db49e08366c812382e0fc798d55b60a116b275b7ff771b48 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-451 Malicious code in @ncr-design-system/cxd-npm-releases (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 006d2f71b3519c6fc98d63cb3fe8db7b056395cb490db6a35bd2b75de7da5d12 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-179 Malicious code in @coinalpha/fetlife-assets (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b4a7704a85626f889573180f8a0f9209011120627ad9c9481261dd65ca9e3d9c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1934 Malicious code in cloudflare-docs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 908520a9518631f583d13833775c371f01544eaacb80c3d2879f9491fb0547eb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4904 Malicious code in nodejs-driver (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9c4ceaf6a066fdce9ab350306c61d927c0ca99cc7d77b8eefe29c778fdfd8758 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4031 Malicious code in jira-cloud-for-sketch (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6ad48f9eea0ecfefd93ce7705dbe71a99132b23d8479beb15c59d17634ee94c0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2573 Malicious code in dortmond22 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 760248828bf200a47a8f8e38cc7ab2a81c896673f96b237b4e363fd2241561a7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4291 Malicious code in lexical-website-new (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware edf8272d90444a72cfac6b1d5fad7cca728ef7be68d666235965897dd316f5f7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-246 Malicious code in @epc-libraries/driver-outage-db (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ff6efcfcdda0c9d58ca14f7eab6a15de18eb1c378c723af90f2556ab8cd5457f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
A New Software Supply‑Chain Attack Targeted Millions With Spyware
Cybersecurity researchers today disclosed a new supply chain attack targeting online gamers by compromising the update mechanism of NoxPlayer, a free Android emulator for PCs and Macs. Dubbed "Operation NightScout" by Slovak cybersecurity firm ESET, the highly-targeted surveillance campaign...
SolarWinds SUNBURST Backdoor Supply Chain Attack: What You Need to Know
On Dec. 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds Orion platform, which is used by organizations to monitor and manage IT infrastructure. FireEye has given the campaign an identifier of UNC2452 and is further...
CVE-2020-3524
A vulnerability in the Cisco IOS XE ROM Monitor ROMMON Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated,...