88 matches found
PowMix botnet targets Czech workforce
Cisco Talos discovered an ongoing malicious campaign, operating since at least December 2025, affecting a broader workforce in the Czech Republic with a previously undocumented botnet we call "PowMix." PowMix employs randomized command-and-control C2 beaconing intervals, rather than persistent...
EUVD-2021-2433
Malware in sbrugna...
EUVD-2022-6579
Malicious code in bioql PyPI...
Malicious code in heroku-sudo (npm)
The package heroku-sudo was found to contain malicious code...
Malicious code in buffered-logger-heroku (npm)
The package buffered-logger-heroku was found to contain malicious code...
MAL-2025-22399 Malicious code in heroku-sudo (npm)
The package heroku-sudo was found to contain malicious code...
MAL-2025-16305 Malicious code in buffered-logger-heroku (npm)
The package buffered-logger-heroku was found to contain malicious code...
CVE-2020-7634
heroku-addonpool through 0.1.15 is vulnerable to Command Injection...
MAL-2025-2967 Malicious code in heroku-tl (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8a78aff2389300306864bb3d44e1ac70675e128845a4d734dae5ffbc39076b93 Clone of a legit Telegram client, with a hidden code that, under some conditions, can attempt to destroy the Linux OS. --- Category: MALICIOUS - The campaign h...
Malicious code in heroku-tl (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8a78aff2389300306864bb3d44e1ac70675e128845a4d734dae5ffbc39076b93 Clone of a legit Telegram client, with a hidden code that, under some conditions, can attempt to destroy the Linux OS. --- Category: MALICIOUS - The campaign h...
A Bootiful Podcast: Heroku's Terence Lee
Hi, Spring fans! Happy Spring Boot 3.4.0 release day to those who celebrate! Today I'm joined by both Terence Lee, from Heroku, and my friend DaShaun Carter, and we talk about platforms, buildpacks, and more. heroku paas buildpacks,...
Why High Tech Companies Struggle with SaaS Security
It's easy to think high-tech companies have a security advantage over other older, more mature industries. Most are unburdened by 40 years of legacy systems and software. They draw some of the world's youngest, brightest digital natives to their ranks, all of whom consider cybersecurity issues...
Hackers Using CAPTCHA Bypass Tactics in Freejacking Campaign on GitHub
A South Africa-based threat actor known as Automated Libra has been observed employing CAPTCHA bypass techniques to create GitHub accounts in a programmatic fashion as part of a freejacking campaign dubbed PURPLEURCHIN. The group "primarily targets cloud platforms offering limited-time trials of...
Hackers Using CAPTCHA Bypass Tactics in Freejacking Campaign on GitHub
A South Africa-based threat actor known as Automated Libra has been observed employing CAPTCHA bypass techniques to create GitHub accounts in a programmatic fashion as part of a freejacking campaign dubbed PURPLEURCHIN. The group "primarily targets cloud platforms offering limited-time trials of...
New Cryptojacking Campaign Targeting Vulnerable Docker and Kubernetes Instances
A new cryptojacking campaign has been uncovered targeting vulnerable Docker and Kubernetes infrastructures as part of opportunistic attacks designed to illicitly mine cryptocurrency. Cybersecurity company CrowdStrike dubbed the activity Kiss-a-dog, with its command-and-control infrastructure...
OS Command Injection
Heroku-env is vulnerable to OS command injection. The vulnerability is due to the function get that executes a shell command with unsanitized user input. An attacker can inject shell code using the app parameter, using the control operator & or && followed by an arbitrary command...
heroku-env susceptible to command injection
A command injection vulnerability affects all versions of package heroku-env. The injection point is located in lib/get.js which is required by index.js...
GHSA-JP45-65JW-94MJ heroku-env susceptible to command injection
A command injection vulnerability affects all versions of package heroku-env. The injection point is located in lib/get.js which is required by index.js...
CVE-2020-28437
This affects all versions of package heroku-env. The injection point is located in lib/get.js which is required by index.js...
Code injection
This affects all versions of package heroku-env. The injection point is located in lib/get.js which is required by index.js...