Lucene search
K

37 matches found

OSV
OSV
added 2025/11/22 12:51 p.m.4 views

MAL-2025-190619 Malicious code in hyatt-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45791aa99b3cab0aaa98d1564ffb2226c039f7e31723b2b4e6033d482e1ad3d6 The package hyatt-ui was found to contain malicious code. Source: ossf-package-analysis...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/22 12:51 p.m.5 views

Malicious code in hyatt-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45791aa99b3cab0aaa98d1564ffb2226c039f7e31723b2b4e6033d482e1ad3d6 The package hyatt-ui was found to contain malicious code. Source: ossf-package-analysis...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/22 12:51 p.m.2 views

EUVD-2025-198549

Malicious code in hyatt-ui npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/23 4:19 p.m.2 views

Malicious code in hyatt-avatar (npm)

Package collects system info and sends to untrusted server, plus suspicious install scripts indicate malicious behavior. The package communicates with a domain associated with malicious activity...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/10/23 4:19 p.m.3 views

MAL-2025-48690 Malicious code in hyatt-avatar (npm)

Package collects system info and sends to untrusted server, plus suspicious install scripts indicate malicious behavior. The package communicates with a domain associated with malicious activity...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/23 4:19 p.m.5 views

Malicious code in hyatt-album (npm)

Malicious package does system info exfiltration, arbitrary code execution via install scripts, and a suspicious version number. The package communicates with a domain associated with malicious activity...

8AI score
Exploits0References1
OSV
OSV
added 2025/10/23 4:19 p.m.2 views

MAL-2025-48689 Malicious code in hyatt-album (npm)

Malicious package does system info exfiltration, arbitrary code execution via install scripts, and a suspicious version number. The package communicates with a domain associated with malicious activity...

8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/23 4:19 p.m.4 views

Malicious code in hyatt-residential-roster (npm)

Package is malware. Collects and exfiltrates sensitive data to an external server. Suspicious install scripts execute the same script multiple times. The package communicates with a domain associated with malicious activity...

7.1AI score
Exploits0References1
OSV
OSV
added 2025/10/23 4:19 p.m.2 views

MAL-2025-48691 Malicious code in hyatt-residential-roster (npm)

Package is malware. Collects and exfiltrates sensitive data to an external server. Suspicious install scripts execute the same script multiple times. The package communicates with a domain associated with malicious activity...

7.1AI score
Exploits0References1
The Hacker News
The Hacker News
added 2024/10/02 10:0 a.m.16 views

Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. Organizations

Three different organizations in the U.S. were targeted in August 2024 by a North Korean state-sponsored threat actor called Andariel as part of a likely financially motivated attack. "While the attackers didn't succeed in deploying ransomware on the networks of any of the organizations affected,...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/25 2:8 p.m.28 views

North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks

A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country. Google-owned Mandiant is tracking the...

7.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/10/14 4:2 a.m.16 views

brandonhyatt.com Cross Site Scripting vulnerability OBB-2994890

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/07/21 10:55 a.m.4 views

Malicious code in hyatt-mumbai (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c61966ba69950de5240373567d3c867d4da52e62a07093354189e072255d2783 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/07/21 10:55 a.m.6 views

MAL-2022-3732 Malicious code in hyatt-mumbai (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c61966ba69950de5240373567d3c867d4da52e62a07093354189e072255d2783 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Snyk
Snyk
added 2022/06/23 9:24 a.m.2 views

Malicious Package

Overview hyatt-mumbai is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

9.8CVSS7AI score
Exploits0References3
Openbugbounty
Openbugbounty
added 2021/11/03 6:20 p.m.8 views

hyattregencyyokohama.jp Cross Site Scripting vulnerability OBB-2230871

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/07/20 5:29 p.m.22 views

hyatt.webresort.co.kr Cross Site Scripting vulnerability OBB-1233187

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/07/03 12:16 a.m.6 views

manila.hyatthotel.co.kr Cross Site Scripting vulnerability OBB-1214407

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Hacker One
Hacker One
added 2019/01/13 9:17 a.m.19 views

Hyatt Hotels: Hyatt WeChat Secret, Baidu AK Secret, and mysql db credentials inadvertantly made publicly available

This one is slightly odd, so I've rated it a low, as I'm not able to confirm whether or not these are active creds/secrets it's late and I don't speak/read Chinese. During recon for hyatt.com, I stumbled across this github.com repo that seems to be for hyatt's wechat setup:...

7.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/09/21 10:22 a.m.15 views

newsroom.images.hyatt.com XSS vulnerability

Open Bug Bounty ID: OBB-678698 Description| Value ---|--- Affected Website:| newsroom.images.hyatt.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Rows per page
Query Builder