1615 matches found
Malicious code in @mlspace/dtransfer-history (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
MAL-2026-4870 Malicious code in @car-loans/general-analytics (npm)
Part of a dependency confusion attack campaign targeting the @car-loans, @fb-deposit, and @debit-ib npm scopes. The attacker npm user pik-libs published 25 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version resolution,...
MAL-2026-4883 Malicious code in @cloudplatform-single-spa/advanced (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @mlspace/inference-build (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @cloudplatform-single-spa/notification-gateway (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @cloudplatform-single-spa/postgre (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
CVE-2025-68711
AppLockZ App Lock and Fingerprint Lock applock.passwordfingerprint.applockz 4.2.11 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's secure authentication APIs. By navigating cascading interface...
Malicious code in create-arnext-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67a5229a06132707ff10eb04a5fc2a19abf029ded0d61e1c9d0814f5cb2bb667 The package declares "preinstall": "./.github/scripts/precheck" in package.json, which invokes a 976KB stripped Linux x8664 ELF binary hidden under...
Netherlands Busts Bulletproof Hosting Network Linked to Disinformation and Cybercrime
Dutch authorities arrested two suspects after dismantling a bulletproof hosting network linked to cybercrime, disinfo, and Russian sanctions evasion...
Building an Adversarial Malware Dataset by Family and Type: Generation, Evasion, and Poisoning Evaluation
We present a dataset of adversarial malware samples derived from the public RawMal-TF collection of real-world malware binaries. Using a suite of adversarial malware generators, we construct two sets of adversarial PE files: 44,347 family-labelled samples and 33,596 type-labelled samples, achievi...
Malicious code in vite-plugin-css-blend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a47fa75fbd028d1aca89ca790036f760c76d8e486175505ef4a8f59f33e7c76 The package is published as a Vite CSS plugin but exposes no Vite plugin API. Its documented applyGlobalStylespalette, accents export, when called on...
MAL-2026-4706 Malicious code in vite-plugin-css-blend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a47fa75fbd028d1aca89ca790036f760c76d8e486175505ef4a8f59f33e7c76 The package is published as a Vite CSS plugin but exposes no Vite plugin API. Its documented applyGlobalStylespalette, accents export, when called on...
MAL-2026-4677 Malicious code in swift-optimizer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c54f35da6df5cef65715d49fb7942aff442ee9a0cb486862031e5009277db3a On npm install, [email protected] runs scripts/install-binary.js as a postinstall hook. The script is a hand-rolled JavaScript bytecode VM 123 KB...
Malicious code in swift-optimizer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c54f35da6df5cef65715d49fb7942aff442ee9a0cb486862031e5009277db3a On npm install, [email protected] runs scripts/install-binary.js as a postinstall hook. The script is a hand-rolled JavaScript bytecode VM 123 KB...
UFONet 2.0
UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc...
MAL-2026-4215 Malicious code in polymarket-trade (npm)
A coordinated supply-chain attack comprising 9 npm packages published by maintainer polymarketdev GitHub actor texsellix, repo texsellix/polymarket-trading-bot within a 2-minute window on 2026-05-20T23:30Z–23:32Z. All packages masquerade as legitimate Polymarket CLOB trading tools while...
MAL-2026-4213 Malicious code in polymarket-copy-trading (npm)
A coordinated supply-chain attack comprising 9 npm packages published by maintainer polymarketdev GitHub actor texsellix, repo texsellix/polymarket-trading-bot within a 2-minute window on 2026-05-20T23:30Z–23:32Z. All packages masquerade as legitimate Polymarket CLOB trading tools while...
Prompt Overflow: What the Guardrail Inspects Is Not What the Model Infers
Guardrail models a.k.a. safety checkers are widely deployed to screen user inputs before they reach large language models LLMs, serving as a primary defense against prompt injection attacks. Due to strict context constraints, these models handle overlength prompts through truncation or...
Malicious code in idlidosa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c6cba2c58d95d705af7dc5bb1c630129127835fb1ef15d4ccf43ec2818bf632 The package is purpose-built tooling to defeat exam-proctoring / lockdown software, with multiple installer-machine integrity harms triggered when th...
MAL-2026-4581 Malicious code in idlidosa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c6cba2c58d95d705af7dc5bb1c630129127835fb1ef15d4ccf43ec2818bf632 The package is purpose-built tooling to defeat exam-proctoring / lockdown software, with multiple installer-machine integrity harms triggered when th...