15430 matches found
CVE-2023-54149
creationtimestamp| type| source ---|---|--- 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...
CVE-2024-42273
creationtimestamp| type| source ---|---|--- 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...
Computer Vision Frameworks: Features And Future Trends
Computer vision frameworks explained, features, types, and future trends. Learn how AI tools process images, train models, and…...
Malicious code in pretty-changelog-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64b9f609acf299244364375bad1f58bc65eb5c8b17ca7e9bc92de94aff7e975c The package pretty-changelog-logger was found to contain malicious code. Source: ghsa-malware...
Malicious code in npm-demoo-1111 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c2199a37f518fbd8345def58b16a83c07aaf6aae9b837f6ec6d96a179f97849 The package npm-demoo-1111 was found to contain malicious code. Source: ghsa-malware 12073b21cd21241e9d8a004221c9e22d323091d95e7b5b9bdde2f1b20883aea4...
Malicious code in npm-demo-1112 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 997173ec7aa479e3f57733838a8d8923cd42b2a9b272936ae7798a8f3c7f3699 The package npm-demo-1112 was found to contain malicious code. Source: ghsa-malware dd67ca28466b78c5da65f0a98c71b3e3243c90641b4de5d7ccc3215dbb1a33e4...
MAL-2026-1443 Malicious code in es-lint-builder (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5cb77bc53967094108e0dec0e00ddd13bef1d74b3482d959c28c4fc13753cd49 The package es-lint-builder was found to contain malicious code. Source: ghsa-malware e4f62649e3a09df9cabfd19d23538447b0d8762de9506c23c5b27c4a6882967...
MAL-2026-1442 Malicious code in bignumber-tool.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81863c7d661d7e537eb4cafb3e74ae83b61483b4617c03f6a4283d34ce651102 The package bignumber-tool.js was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1444 Malicious code in graphql-request-dom (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12e85257ce18204d98a8a6181fa40a75d7feb91477b98f6b86ba89223a9f4e51 The package graphql-request-dom was found to contain malicious code. Source: ghsa-malware...
Malicious code in transform-dynamic-import (npm)
The package 'transform-dynamic-import' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
PT-2026-25785
A security flaw has been discovered in Tenda AC8 16.03.50.11. This affects the function route set user policy rule of the file /cgi-bin/UploadCfg of the component Web Interface. The manipulation of the argument wans.policy.list1 results in os command injection. It is possible to launch the attack...
Malicious code in proposal-typescript (npm)
The package 'proposal-typescript' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
MAL-2026-1530 Malicious code in styled-components-a11y (npm)
The package 'styled-components-a11y' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
MAL-2026-1554 Malicious code in typescript-validation-schema (npm)
The package 'typescript-validation-schema' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
MAL-2026-1500 Malicious code in @storylane/shared-packages (npm)
The package '@storylane/shared-packages' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
MAL-2026-1512 Malicious code in undeclared-variables-check (npm)
The package 'undeclared-variables-check' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
Malicious code in typescript-react-query (npm)
The package 'typescript-react-query' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
Malicious code in transform-typescript (npm)
The package 'transform-typescript' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
Malicious code in pear-wrk-wdk (npm)
The package 'pear-wrk-wdk' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.com...
MAL-2026-1514 Malicious code in declaration-block-no-ignored-properties (npm)
The package 'declaration-block-no-ignored-properties' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2...