Malicious code in @easy-entry/landing-routes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16fd1aa3384490a5c01cbdc619bb61ea5fc70f853c8e8ed2e9836d2ca4617556 On npm install, the package's postinstall hook runs two exfiltration paths against an attacker-controlled Burp Collaborator endpoint. First,...

Seeking Alpha Mobile Financial App Forgoes Encryption

A popular mobile application that provides financial market research material operates without a measure of encryption, putting user information, including credentials and strategic financial interests at risk. The Seeking Alpha mobile app for Android and iOS also leaks everything from HTTP cooki...