Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Snyk
Snykadded 2026/03/12 4:23 p.m.1 views

Malicious Package

Overview reuse-plugin is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior The package...

9.8CVSS5.9AI score
Exploits0References3
Snyk
Snykadded 2026/03/12 4:23 p.m.1 views

Malicious Package

Overview jsx-development is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior The...

9.8CVSS5.9AI score
Exploits0References3
Snyk
Snykadded 2026/03/12 4:23 p.m.3 views

Malicious Package

Overview syntax-trailing-commas is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior T...

9.8CVSS5.9AI score
Exploits0References3
Snyk
Snykadded 2026/03/12 4:23 p.m.1 views

Malicious Package

Overview minify-replace is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior The packa...

9.8CVSS5.9AI score
Exploits0References3
Snyk
Snykadded 2026/03/12 4:23 p.m.1 views

Malicious Package

Overview lit-a11y is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior The package use...

9.8CVSS5.9AI score
Exploits0References3
The Hacker News
The Hacker Newsadded 2025/09/11 6:2 a.m.5 views

AsyncRAT Exploits ConnectWise ScreenConnect to Steal Credentials and Crypto

Cybersecurity researchers have disclosed details of a new campaign that leverages ConnectWise ScreenConnect, a legitimate Remote Monitoring and Management RMM software, to deliver a fleshless loader that drops a remote access trojan RAT called AsyncRAT to steal sensitive data from compromised...

7.1AI score
Exploits0
Positive Technologies
Positive Technologiesadded 2022/12/06 12:0 a.m.2 views

PT-2022-26871 · Telegram · Telegram Web K

Name of the Vulnerable Software and Affected Versions: Telegram Web version 15.3.1 Description: The issue allows for XSS via a certain payload derived from a Target Corporation website. Some third parties have been unable to discern any relationship between the Pastebin information and a possible...

6.1CVSS6AI score0.00247EPSS
Exploits1References7
Rows per page
Query Builder