183 matches found
PT-2026-46339
That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...
MAL-2025-191010 Malicious code in set-nested-prop (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e3ace4ffb79a5de4b7a82ae75ffdcccb6233dce2bfa2a4f32f70a3dc6921a03 The package set-nested-prop was found to contain malicious code. Source: ghsa-malware 35b0b9a8f67ec13668f93a14f45e037dc7cb3c33fa4c688e13b10a3cd2c5d3a...
Malicious code in @company-internal/logger (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9d0932de39c3f8c9bcb34c9f241df2d154d4659532cfddb67ddd06e283c38c14 Any computer that has this package installed or running should be considered...
Malicious code in cascading-picklists-extenstion (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7fa598a6ca358e662bbce1a99296fb4e87cfeb954903eed14989fd61bc8bf0db Any computer that has this package installed or running should be considered...
MAL-2025-3900 Malicious code in lcs-ui-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6b66ec079f142a51c33d484015aab0384b514dca3415e27b84138f92dd2ea818 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2185 Malicious code in node-unzip (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cd99263d19f7c6599d64abff02934e9d436d39de9b4b3c4f1d3984ccb85956f1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-1579 Malicious code in com.google.play-games-pc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 89482dfb2083648706902d58c49dbe79b54f0e6ab3614bb3f528f8b1fba92cf9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11131 Malicious code in communication-bridge (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca24ad613d55f6103dd8e2bc5a903d213746087f94a99f3646d3d13da75b82ea Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11082 Malicious code in rtn-centered-text (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8c2f20177c95333172f2abb0596c37a5b6c2a294dcd40dda5a0608b6f83778b6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11049 Malicious code in linencloth (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 999ba2244ac8c4672c2eb7c235f23d6b1274cb293a3a8596b0f4d98670459dbc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11013 Malicious code in tracking-wtf (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7f6c419e01391037aa9cad91f15a45a36a535cf2a7cee66dfe6a8814f2da5eec Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11010 Malicious code in string-process-mate (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2df355e26d748442b2bef75aff72f4bc8a791379093da56fffb1f7b7d9336ecd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10989 Malicious code in n-http-proxy (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c13801d43d60af89b56b44fb645f8cd6e571abf340332c2d4031b29aab946043 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10707 Malicious code in p-http (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9e6020c72434d3e7647714902b693a6b7724105d815480ccd6ea906112b33e23 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10623 Malicious code in wavs-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 23292d68d4faeef5d972ec10be124e29ba31892999b6d475b00b150885570d5e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10612 Malicious code in chanlink (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 94c4370f8d1133d9a796dd12e74b00fc89de84b39804694edef24b43f73ed33d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10516 Malicious code in pupeteer-autoscroll-down (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 07b42fbcf99a7e9c692dfe053d165eda55a768e69368aa7f9b0aa53e500a3a5f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10440 Malicious code in wb-eth3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c2061eab14aeb54b59ae68e0b58b1b8ae77a9a9a252407ae77eab392c71ef9c0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in osm-legal-speed (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware efce0e1706c67e16298e03b91dcd0069873eae6922136c002862891d7579ffc9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9317 Malicious code in 8ng20w (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3b86d887f2afb2a015165a69ce12df9c8e62083c1b2368bd4045edb72417b6ed Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...