K000159707: NPM vulnerability CVE-2025-59145

Security Advisory Description color-name is a JSON with CSS color names. On 8 September 2025, an npm publishing account for color-name was taken over after a phishing attack. Version 2.0.1 was published, functionally identical to the previous patch version, but with a malware payload added...

CVE-2025-59039

Prebid Universal Creative PUC is a JavaScript API to render multiple formats. Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware. This includes the extremely popular jsdelivr hosting of this file. The maintainers of PUC unpublished version 1.17.3. Users should s...

Prebid-universal-creative latest on npm briefly compromised

Impact Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware detailed in the blog post below. This includes the extremely popular jsdelivr hosting of this file. Patches We unpublished the version on npm. Workarounds This has already been unpublished. See Prebid.js ...

CVE-2025-59039

Prebid Universal Creative PUC is a JavaScript API to render multiple formats. Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware. This includes the extremely popular jsdelivr hosting of this file. The maintainers of PUC unpublished version 1.17.3. Users should s...

CVE-2025-59039 Prebid Universal Creative on npm briefly compromised

Prebid Universal Creative PUC is a JavaScript API to render multiple formats. Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware. This includes the extremely popular jsdelivr hosting of this file. The maintainers of PUC unpublished version 1.17.3. Users should s...

MAL-2025-46992 Malicious code in @duckdb/node-api (npm)

The DuckDB Node.js package @duckdb/node-api version 1.3.3 was compromised with malware through a sophisticated phishing attack targeting the DuckDB maintainers. An attacker created a pixel-perfect copy of the npmjs.com website at npmjs.help domain and tricked a maintainer into logging in and...

PT-2025-36996

Name of the Vulnerable Software and Affected Versions: Prebid Universal Creative PUC versions 1.17.3 and latest Description: Prebid Universal Creative PUC is a JavaScript API used to render multiple formats. Npm users of PUC were briefly affected by crypto-related malware. Recommendations:...

Kinsing Crypto Malware Targets Linux Systems via Apache ActiveMQ Flaw

By Deeba Ahmed Patches for all affected versions of Apache ActiveMQ have been released, and clients are strongly advised to upgrade their systems. This is a post from HackRead.com Read the original post: Kinsing Crypto Malware Targets Linux Systems via Apache ActiveMQ Flaw...

HolesWarm crypto malware hits unpatched Linux, Windows servers

By Waqas Researchers are calling the HolesWarm the "king of vulnerability exploitation" as the malware has already exploited 20 known Linux and Windows vulnerabilities in just a month. This is a post from HackRead.com Read the original post: HolesWarm crypto malware hits unpatched Linux, Windows...

Old crypto malware makes come back, hits Windows, Linux devices

By Deeba Ahmed LemonDuck was first discovered in China in 2019 as a cryptocurrency botnet that used affected systems for Monero mining. This is a post from HackRead.com Read the original post: Old crypto malware makes come back, hits Windows, Linux devices...

Cerber: Analyzing a Ransomware Attack Methodology To Enable Protection

Ransomware is a common method of cyber extortion for financial gain that typically involves users being unable to interact with their files, applications or systems until a ransom is paid. Accessibility of cryptocurrency such as Bitcoin has directly contributed to this ransomware model. Based on...

Petya Ransomware Installs Mischa As Failsafe

The Petya ransomware strain signaled a new escalation for crypto-malware when it surfaced in March. For the first time, ransomware went beyond encrypting files on local and shared drives and instead set its sights on locking up the Master File Table on compromised machines. Petya did have its...

Researchers Learning More About Petya Ransomware

Researchers are digging through samples of the Petya ransomware, and while they’ve learned some about its inner workings, they still haven’t mastered enough to come up with a decryptor. Petya is the latest twist on crypto-malware. It was found recently targeting companies in Germany in a spam...

Onion Ransomware Demands Bitcoins, Uses Tor, Advanced Encryption

More details about a new family of encryption ransomware that uses the anonymous network Tor and requires users pay by Bitcoin have emerged. The ransomware, known in some circles as Critoni or CTB-Locker, has been dubbed Onion by researchers at Kaspersky Lab as its creators use command and contro...