MAL-2024-10924 Malicious code in dl-testes (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d95a4eec24de9c1fcd629f451e4b7a7d855ef958422cf70011bef25928bb7ab1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-8432 Malicious code in qlkube-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d87aacc83b4b0b0d9201968dc75c81eee7b94e2faa03aae434e083f3c825213 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-381 Malicious code in fca-anjelov5 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eba1b88950fffb7a31b0198d26986dd299eec7409c8fa228081e1b9a62ea031e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-488 Malicious code in gsattrack (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2958f45d2f7addf081dc9f6e0719b1e36a54ba2a40ba3bd8ccc0763cb7deacb1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-643 Malicious code in npo-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7254cfce2ac433959ef4d93d3b6849ceeefc1c407e39b4d5368c174d7fd72dad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Xss in compose mail functionaility

Description Reflected cross-site scripting or XSS arises when an application receives data in an HTTP request and includes that data within the immediate response in an unsafe way. Proof of Concept - Step1: login as normal user. - step2: click on webmail and click on compose. - step3: now enter "...

MAL-2022-2116 Malicious code in commandlinesage (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 162838389c5251e5f7f365f23bf9b5463692024d72a2efd2ad7cfd49e1fcd48d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-35 Malicious code in 4pahtoregexp (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8b82e0a19cf5782c4e45bf31af96d276cb39e38315eea81d567c3488985d6948 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-3935 Malicious code in ionicons-pack (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fe00741540fe3c9a94e59b4a511cd217e5b86817d5945e017674d4c92ccf11f6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-4510 Malicious code in maybeconverthiveerrortoshakaneterror (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5c5e13a8d5ff33f9362bccc915a8633f27bfeecbbb3872dfeeea1e370d6086e6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-331 Malicious code in @hex-/xd (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c7c40542c5fa4da5427ab22293d7941d4ba0a27e860872b0b32bc35a427d4a1a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Cross-site Scripting (XSS) - Reflected

Description Reflected cross-site scripting or XSS arises when an application receives data in an HTTP request and includes that data within the immediate response in an unsafe way. Proof of Concept 1.Login as admin administrator / administrator. 2.Access this URL...

Reddit: Reflected xss in https://sh.reddit.com

Summary: Reflected cross-site scripting or XSS arises when an application receives data in an HTTP request and includes that data within the immediate response in an unsafe way. Impact: attacker can execute malicious java script and steal cookies Steps To Reproduce: add details for how we can...

Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk

At a time when remote work is becoming universal and the strain on SecOps, especially in healthcare and critical industries, has never been higher, ransomware actors are unrelenting, continuing their normal operations. Multiple ransomware groups that have been accumulating access and maintaining...

Cynet Free IR Tool Offering Empowers Responders to Know and Act Against Active Attacks

The saying that there are two types of organizations, those that have gotten breached and those who have but just don’t know it yet, has never been more relevant, making sound incident response a required capability in any organization’s security stack. To assist in this critical mission, Cynet i...

CVE-2025-52977

CVE-2025-52977 entry is rejected/not used per the initial description.