347 matches found
Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign
Three threat activity clusters aligned with China have targeted a government organization in Southeast Asia as part of what has been described as a "complex and well-resourced operation." The campaigns have led to the deployment of various malware families, including HIUPAN aka USBFect, MISTCLOAK...
ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories
This week didn’t produce one big headline. It produced many small signals — the kind that quietly shape what attacks will look like next. Researchers tracked intrusions that start in ordinary places: developer workflows, remote tools, cloud access, identity paths, and even routine user actions...
EUVD-2025-120031
Malicious code in breezy-crimson-marten npm...
Malicious code in breezy-crimson-marten (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3875b560289ee53cd714075de6f50623325d7fec152a2d1a0035da53e9289f5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-117443
Malicious code in dirty-crimson-mammal npm...
EUVD-2025-117336
Malicious code in handicapped-crimson-goldfish npm...
EUVD-2025-117223
Malicious code in monthly-crimson-whippet npm...
EUVD-2025-117151
Malicious code in proud-crimson-amphibian npm...
EUVD-2025-117026
Malicious code in thoughtful-crimson-yak npm...
EUVD-2025-117010
Malicious code in valid-crimson-hippopotamus npm...
EUVD-2025-117110
Malicious code in scientific-crimson-bison npm...
Malicious code in vertical-crimson-firefly (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d3c74559c3b3550fcaf2e322a771a25d136c04e8e12f1335706771da8036c38 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-117387
Malicious code in fantastic-crimson-dolphin npm...
EUVD-2025-117005
Malicious code in vertical-crimson-firefly npm...
Malicious code in combative-crimson-deer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea20d6db67477fcb5b1856681f899c65c487c208feab659f676f57c06e0c1fef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in fantastic-crimson-dolphin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5207ab0330e3364dada16a792ef352dbc7c9b2b88ba16191ef543dca2311f107 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in proud-crimson-amphibian (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2c1286ca9bcc2c22afa783d312250a4e270c79b9e27f81268ace3058bd40df0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in valid-crimson-hippopotamus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43bab958e94e0c20206a07309497c85049427f209cd0030f77275c219a9a6bc0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-117492
Malicious code in chubby-crimson-chimpanzee npm...
EUVD-2025-117366
Malicious code in frequent-crimson-quokka npm...