MAL-2023-475 Malicious code in github_projects_page (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b2d74bcd5a89a954b52e8b0d1326b9a1ffdd05cf108f14b84e984a2e0314abae Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Ethical Problems in Computer Security

Tadayoshi Kohno, Yasemin Acar, and Wulf Loh wrote excellent paper on ethical thinking within the computer security community: "Ethical Frameworks and Computer Security Trolley Problems: Foundations for Conversation": Abstract: The computer security research community regularly tackles ethical...

MAL-2023-107 Malicious code in assets-graph (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx e513e7556846ca62fa4d27646eef928d55f2c2954ce9caa51dd63643e2adf445 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...

MAL-2023-825 Malicious code in sync-http-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 666c54b1098d52ea02eebf562d8cf02c1a736ee608eb15029543afd5181e4094 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...

MAL-2023-108 Malicious code in assets-table (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 0980e797c7e6db1bd06873799b54350dd781176d8a2e104a7301a51053e3991b Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...

Malicious code in @ans-exam/client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f1b89ea0770827099ee6eb05d0c0345dbf2c9318531d99794a8121609dea1d43 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-23 Malicious code in @ans-exam/client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f1b89ea0770827099ee6eb05d0c0345dbf2c9318531d99794a8121609dea1d43 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

US dangles $10 million reward for information about Cl0p ransomware gang

The US Department of States national security rewards program, Rewards for Justice RFJ, is offering a reward of up to $10 million for information linking the Cl0p ransomware gang, or any other malicious cyber actors targeting US critical infrastructure, to a foreign government. Advisory from...

topcomputersciencedegrees.com Cross Site Scripting vulnerability OBB-3447496

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Nintendo Mario Kart 安全漏洞

Nintendo Mario Kart is a game by Nintendo of Japan Nintendo. A security vulnerability exists in Nintendo Mario Kart Wii RMCP01, RMCE01, RMCJ01, RMCK01. An attacker can exploit the vulnerability to execute arbitrary code on the client computer...

MAL-2023-947 Malicious code in vue-audit (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx d83b4e200320d89600b71bfb94b2106e5e01fe0c319873c9dac9b0d9661447da Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...

20-Year-Old Russian LockBit Ransomware Affiliate Arrested in Arizona

The U.S. Department of Justice DoJ on Thursday unveiled charges against a Russian national for his alleged involvement in deploying LockBit ransomware to targets in the U.S., Asia, Europe, and Africa. Ruslan Magomedovich Astamirov, 20, of Chechen Republic has been accused of perpetrating at least...

MAL-2023-296 Malicious code in dvknpm-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 699740896647f6c3926d3579cb62aaf2d4cb804f000f96f4ad3d049f5c176b13 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in chart-vxe (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 002bd97e07b258e0171a9659dd1196fa1fde9398bb98fd5ac8213b966f9e40df Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...

HP PC 安全漏洞

HP PC is a computer product of Hewlett-Packard HP Company, USA. A security vulnerability exists in the HP PC BIOS that originates from allowing arbitrary code execution, privilege escalation, denial of service, and information disclosure...

HP PC 安全漏洞

HP PC is a computer product of Hewlett-Packard HP Company, USA. A security vulnerability exists in the HP PC BIOS that originates from allowing arbitrary code execution, privilege escalation, denial of service, and information disclosure...

MAL-2023-910 Malicious code in tslib-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx ef2c27850230a6ec89e578f414b36de97f9850b32450c33921cb68699cf3ba38 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...

MAL-2023-666 Malicious code in packj (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa234f9cd17f850d24031cd41a8370ad57596e538deb70be48d9fdea3fc4577a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-854 Malicious code in testfoo-my (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 829df88c31550a9fb91f6517f5e6220b2091aeb5d663bae363dfea5c1c2a6c4a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in rainbow-bridge-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b9d5b776bcc096bf2074b398b85698a12e8607fa2a06624cf23130a12eea6093 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...