7 matches found
New DHL Phishing Scam Uses 11-Step Attack Chain to Steal Passwords
Forcepoint’s X-Labs reports an 11-step DHL phishing scam that uses fake OTP codes and EmailJS to harvest user credentials and device telemetry...
Malicious Package
Overview https-emailjs is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview http-emailjs is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in https-emailjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8aff232c81a7253eeb9e10075207aebc5908976a9a1adf6009d750b444467db The package https-emailjs was found to contain malicious code. Source: ghsa-malware e6feff6e256b4c145082869f4ce5f64f2a2a15cab09caeef3e3d5735188aa0f6...
MAL-2026-724 Malicious code in https-emailjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8aff232c81a7253eeb9e10075207aebc5908976a9a1adf6009d750b444467db The package https-emailjs was found to contain malicious code. Source: ghsa-malware e6feff6e256b4c145082869f4ce5f64f2a2a15cab09caeef3e3d5735188aa0f6...
MAL-2026-723 Malicious code in http-emailjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a9d03c741837fca8f8630f52d108b904dff1e056ff9b3bee73df663f691a59f The package http-emailjs was found to contain malicious code. Source: ghsa-malware cd9f06aa02e0e2ed77b3cedfb2e499b9f73530f95231f0fdc8dbeecc0bf2222a A...
Denial Of Service (DoS) Through Memory Exhaustion
emailjs-mime-parser is vulnerable to denial of serviceDOS attacks. Lack of necessary validations in mimeparser.js allows an attacker to send an unlimited number of MimeNode objects causing the system to take a disproportionate amount of time to process, resulting in an application crash...