Malicious code in confusion-1337 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9d5e0f5fa705444941a3db8182bfc9c7eacb35a3bda7f57cccae5e088eb93404 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-74 Malicious code in @zola-helpers/client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ee698d441406b57b08f773d9f7c97565c0d839bc65054354c7ab8f4556b4293a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-544 Malicious code in juno-branding (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7445e9499982b52ca2f99b800d45f9d94599662f468ea58eac6c4a2dc8910ac3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Technician Indicted for Hacking California Water Treatment Facility

By Deeba Ahmed The jury has charged Rambler Gallo with one count of transmitting a program, information, code, and command to cause damage to a protected computer. This is a post from HackRead.com Read the original post: Technician Indicted for Hacking California Water Treatment Facility...

MAL-2023-35 Malicious code in @cima/prism-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7f49996021053433e43b19a3a4ae21a731784fc9b4d053c1ee07dea4613dd76a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-314 Malicious code in eth-api-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx ae0229b0b9b6f52ad99cbadf592c4cd4a35c6b90764717a8d37ce843df055398 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...

CVE-2023-36808 GLPI vulnerable to SQL injection through Computer Virtual Machine information

GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.8, Computer Virtual Machine form and GLPI inventory request can be used to perform a SQL injection attack. Version 10.0.8 has a patch for this issue. As a workaround, one may disable native...

CVE-2023-36808 GLPI vulnerable to SQL injection through Computer Virtual Machine information

GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.8, Computer Virtual Machine form and GLPI inventory request can be used to perform a SQL injection attack. Version 10.0.8 has a patch for this issue. As a workaround, one may disable native...

MAL-2023-160 Malicious code in carbon-sageone (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b1dd56dd7300d3e57844b0cda4d9223dc1874d2e0db91e2308fd11ff2ac5a2d0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

GLPI vulnerable to SQL injection through Computer Virtual Machine information

[email protected] reports: GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.8, Computer Virtual Machine form and GLPI inventory request can be used to perform a SQL injection attack. Version 10.0.8 has a patch for this issue...

Malicious code in blossom-flex-ui-localization (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 45835a19933049983c803d03cb5c9fe34157fa2a4d00823f43d60983bbc79966 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-136 Malicious code in blossom-flex-ui-localization (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 45835a19933049983c803d03cb5c9fe34157fa2a4d00823f43d60983bbc79966 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in env-cross (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5dfac7391de71e5fbbea3c5880d76d0fada380dc4026cd39541ac9684098b56e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-307 Malicious code in env-cross (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5dfac7391de71e5fbbea3c5880d76d0fada380dc4026cd39541ac9684098b56e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-417 Malicious code in fca-rqzax (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c98a4aa34af7d5974aa6af6ad233eb8eba8a665b37369c4dfb0608bbe979ea2b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-749 Malicious code in rqzax-database (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a84c5b52ec28f42cffc2ec18e27f39dc1c908add4471e1ae31eeea8e752e07e9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-933 Malicious code in velo-external-database-adapter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b9c7e720483399030f4aa6ca225732c8aab633f862302071086c02e3d990993a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in velor (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b8dd8323c45be30eda6a4167c8e3799e4d598711e2568b55238dfea09e727326 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-1009 Malicious code in zoomapps-customlayout-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e07392edf92e8d29e546869050e65c3d70bdf3d86285cd245a1464a1a4c4d560 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-756 Malicious code in samplepackagedemo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6c55c21d2ed72077608698c710d7eb69de600ca8f9e45b448f7b5769c6bbf0c3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...