Malicious Package

Overview moustick is a malicious package. This package contains malicious code that fetches and eval a remote payload from attacker-controlled URL https://www.jsonkeeper.com/b/MYUKZ on require in moustick/index.js. The payload is designed to extract RELAYERPRIVATEKEY and JWTSECRET from the victim...

Malicious Package

Overview cookie-parser-legacy is a malicious package. This package contains malicious code that uses another malicious package moustick Snyk Advisory as a dependency to fetch a remote payload from attacker-controlled URL https://www.jsonkeeper.com/b/MYUKZ. The payload is designed to extract...

CVE-2026-42461

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to version 1.18.0, four GET endpoints under /api/templates in Arcane's Huma backend are registered without any Security requirement, allowing any unauthenticated network client to list and read the full...

CVE-2026-42461 Arcane Vulnerable to Unauthenticated Disclosure of Custom Compose Template Content (incl. `.env` secrets)

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to version 1.18.0, four GET endpoints under /api/templates in Arcane's Huma backend are registered without any Security requirement, allowing any unauthenticated network client to list and read the full...

MAL-2026-2461 Malicious code in strapi-plugin-finseven (npm)

strapi-plugin-finseven is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network topolog...