Malicious code in @spoonflower/ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e29845a092ba3a019d35adbb88e7fb15512c600cb11fceab06cb845fca75dbd2 The package @spoonflower/ui was found to contain malicious code. Source: ghsa-malware 68f97ac64dba33bf11aa1a9ae810a78f7fb21470e2ccce80e8975cc56d012a7...

Malicious code in mad-2.4.1.2.2.8 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 56c6fc06b90e0e637cc8ef419f8a5844e909deaf9cc68f1c73e231757e6f214a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @loybung/unicode-fonts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 977a645be3c24178c2efe83570b0da277294e1f25f354f1e01934a67a92ccf8b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in ib-ai-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 547c2e4af2cd8eed422db2ccf1d7975144a2418c9663d76dff5e00b13e447347 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in karma-fest-preprocessor (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 12fc59d44987dfafc3d0226a2629d1aa8294664f22936a59406d8e77b6695b2a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in tappp-tv-ui-libs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dd1544816d5c47d2cf89aa1115143bf167835899d95470b01cb8f3a49c497835 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @lbnqduy11805/redesigned-journey (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d19f2fc0c7ff93d8800786c36451ee9bba3a43f050f0f3b2628d305addac6112 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in wlwz-2312-1507 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3e59358cb28ffae294a0c12bc19cba69d1e1d3d6b926f0f3c415371efd4724b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-8559 Malicious code in autocomplete-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a9655da8503f9549c9411d13c7b5306dd5b29247b41ee5857561d74aa7c118dd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Google Gets Court Order to Take Down CryptBot That Infected Over 670,000 Computers

Google on Wednesday said it obtained a temporary court order in the U.S. to disrupt the distribution of a Windows-based information-stealing malware called CryptBot and "decelerate" its growth. The tech giant's Mike Trinh and Pierre-Marc Bureau said the efforts are part of steps it takes to "not...

Malicious code in messari-adapter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a072bdbaad86e82262374e6152333306d93d853bc39ac101d49436743c6d5220 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in sample-npm-balu (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ecb084b1dde48d4a46f413a149ebc77b89e5d1bd24457ad56139ece2695e7dc8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

US Cyber Command and Microsoft Are Both Disrupting TrickBot

Earlier this month, we learned that someone is disrupting the TrickBot botnet network. Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot, an enormous collection of more than two million malware-infected Windows PCs that are constantly...

Malicious USB Drives Infect 35,000 Computers With Crypto-Mining Botnet

Cybersecurity researchers from ESET on Thursday said they took down a portion of a malware botnet comprising at least 35,000 compromised Windows systems that attackers were secretly using to mine Monero cryptocurrency. The botnet, named "VictoryGate," has been active since May 2019, with infectio...

TrickBot Now Exploits Infected PCs to Launch RDP Brute Force Attacks

A new module for TrickBot banking Trojan has recently been discovered in the wild that lets attackers leverage compromised systems to launch brute-force attacks against selected Windows systems running a Remote Desktop Protocol RDP connection exposed to the Internet. The module, dubbed "rdpScanDl...

U.S. Government Goes After North Korea's Joanap Botnet

The U.S. Justice Department is looking to retaliate against North Korea-linked hackers who have built up a massive global network of infected computers. The department announced on Wednesday that it would seek to map out the Joanap botnet, which has been built and controlled by North Korea-linked...

FBI Sinkholes $38M Global Ad Fraud Operation

The FBI has taken control of 31 web domains in a widespread takedown of a multi-year, global ad fraud campaign, believed to have stolen at least $38 million, partly via a botnet strategy. In addition, eight defendants face a 13-count indictment from a federal court in Brooklyn in the case. The...

Massive Malspam Campaign Finds a New Vector for FlawedAmmyy RAT

A widespread spam campaign from the well-known financial criminal group TA505 is spreading the FlawedAmmyy RAT using a brand-new vector: Weaponized PDFs containing malicious SettingContent-ms files. The SettingContent-ms file format was introduced in Windows 10; it allows a user to create...

Feds Shut Down 'Longest-Running' Andromeda Botnet

In a coordinated International cyber operation, Europol with the help of international law enforcement agencies has taken down what it called "one of the longest-running malware families in existence" known as Andromeda. Andromeda, also known as Win32/Gamarue, is an infamous HTTP-based modular...

Malicious Cryptocurrency Mining tool turns Computers into Zcash Mining Machines

Since its launch over a month ago, new virtual currency Zcash ZEC has become a significant way for cybercrooks to make money by infecting computers with software mining program. Launched in late October, Zcash ZEC is a new cryptocurrency currency that claims to be more anonymous than Bitcoin, as...