Malicious Package

Overview finn-pulse-init is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2025-48494 Malicious code in gardr-finn (npm)

The package gardr-finn was found to contain malicious code...

Malicious code in gardr-finn-js (npm)

The package gardr-finn-js was found to contain malicious code...

Malicious code in gardr-finn (npm)

The package gardr-finn was found to contain malicious code...

MAL-2025-48495 Malicious code in gardr-finn-js (npm)

The package gardr-finn-js was found to contain malicious code...

CVE-2025-48322

CVE-2025-48322 – WordPress Statify Widget stored XSS Affected: Statify Widget (WordPress plugin) up to and including version 1.4.6.Root cause: Improper neutralization of input during web page generation, enabling stored XSS.Impact: Stored Cross-Site Scripting vulnerability; exact user impact depe...

Malicious code in finn-lib-supported-platforms (npm)

The package finn-lib-supported-platforms was found to contain malicious code...

MAL-2025-11454 Malicious code in @zalastax/nolb-finn (npm)

The package @zalastax/nolb-finn was found to contain malicious code...

Malicious code in @zalastax/nolb-finn (npm)

The package @zalastax/nolb-finn was found to contain malicious code...

MAL-2025-20574 Malicious code in finn-lib-supported-platforms (npm)

The package finn-lib-supported-platforms was found to contain malicious code...

Side-Channel Extraction of Dataflow AI Accelerator Hardware Parameters

Dataflow neural network accelerators efficiently process AI tasks on FPGAs, with deployment simplified by ready-to-use frameworks and pre-trained models. However, this convenience makes them vulnerable to malicious actors seeking to reverse engineer valuable Intellectual Property IP through...

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. An investigation into the history of these communities shows their apparent...

Malicious code in finn-pulse-init (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8556cda5df574e7c339a9e910f83692fefe384dd8c3c1107fafd270c8057a170 The OpenSSF Package Analysis project identified 'finn-pulse-init' @ 1.0.7 npm as malicious. It is considered malicious because: - The package...

MAL-2024-11203 Malicious code in finn-pulse-init (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8556cda5df574e7c339a9e910f83692fefe384dd8c3c1107fafd270c8057a170 The OpenSSF Package Analysis project identified 'finn-pulse-init' @ 1.0.7 npm as malicious. It is considered malicious because: - The package...

Researcher Spotlight: Jacob Finn creates his own public-private partnership at Talos

After working in government for several years, this Talos threat hunter is diving into the dark web Growing up, Jacob Finn says he wanted to be a detective or maybe a veterinarian, but theres still plenty of time for that. Today with Talos, hes a detective. And while hes still hunting for bad...

@magicfinn/gatsby-theme-finn-default (>=1.0.0 <=2.0.40), @panstav/ozen-dashboard-shared (>=0.0.2 <=0.0.7) potentially affected by CVE-2022-35923 via v8n (>=1.2.3 <=1.3.3)

v8n NPM version =1.2.3, =1.0.0, =0.0.2, =0.0.7 Source cves: CVE-2022-35923 Source advisory: OSV:GHSA-XRX9-GJ26-5WX9...

finn-info.fi Cross Site Scripting vulnerability OBB-2625131

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

finnpartners.com XSS vulnerability

Open Bug Bounty ID: OBB-581616 Description| Value ---|--- Affected Website:| finnpartners.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

uit.no XSS vulnerability

Vulnerable URL: https://uit.no/finn?q=1"--...

AirWatch updates address bypass of root detection and local container encryption

a. Root detection bypass Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of this issue may result in an enrolled device having unrestricted access over local Airwatch security controls and data. VMware would like to tha...