Lucene search
+L

27 matches found

osv
osv
added 2026/06/30 2:10 p.m.6 views

MAL-2026-6678 Malicious code in ts-linting-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c719aef78218f6b59b9f209c41eff610782c86c2ced5aeabe288218ac3c4f880 On npm install, the package's postinstall script test.js invokes routines in index.js that recursively scan the current working directory and the...

6AI score
Exploits0References2
ossf
ossf
added 2026/03/16 12:0 a.m.10 views

Malicious code in vitest-globals (npm)

The package 'vitest-globals' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.co...

5.5AI score
Exploits0References3
osv
osv
added 2025/10/29 11:55 p.m.3 views

MAL-2025-49090 Malicious code in quantum-packages (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 144aa1474c1b5043966e321c81c29f0fae41f764e0948ee5491baa14a08563b1 The package quantum-packages was found to contain malicious code. Source: ghsa-malware 615e247f6ecd82d6ec0aacb0855b7a222aef75c2834a024b3b99ee38c2e7fb...

6.9AI score
Exploits0References1
ossf
ossf
added 2022/06/20 8:11 p.m.2 views

Malicious code in node-cron-master (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ae251f427512a885e950ac70e8039b90f8ef6d22e8393886461f599805dc0688 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
packetstorm
packetstorm
added 2021/09/10 12:0 a.m.198 views

HEUR.Trojan.Win32.Generic Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a6916fb9b824e3d2edfe46be69ca2501.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Trojan.Win32.Generic Vulnerability: Insecure Permissions Description: The malware creates an di...

7.4AI score
Exploits0
schneier
schneier
added 2021/01/28 12:2 p.m.53 views

Police Have Disrupted the Emotet Botnet

A coordinated effort has captured the command-and-control servers of the Emotet botnet: Emotet establishes a backdoor onto Windows computer systems via automated phishing emails that distribute Word documents compromised with malware. Subjects of emails and documents in Emotet campaigns are...

0.8AI score
Exploits0
thn
thn
added 2019/09/18 1:0 p.m.2 views

Smominru Botnet Indiscriminately Hacked Over 90,000 Computers Just Last Month

Insecure Internet-connected devices have aided different types of cybercrime for years, most common being DDoS and spam campaigns. But cybercriminals have now shifted toward a profitable scheme where botnets do not just launch DDoS or spam—they mine cryptocurrencies as well. Smominru, an infamous...

6.9AI score
Exploits0
threatpost
threatpost
added 2017/06/22 1:11 p.m.11 views

Microsoft Says Fireball Malware Threat 'Overblown'

Check Point has ramped down its projections on the impact of the recently disclosed Fireball malware after Microsoft called its initial numbers into question. Details on Fireball were published June 1 by Check Point, which said the malware was the work of a Chinese digital marketing agency called...

0.4AI score
Exploits0References5
mmpc
mmpc
added 2016/11/08 4:0 p.m.24 views

MSRT November 2016: Unwanted software has nowhere to hide in this month’s release

We came across a browser modifier that sports rootkit capabilities. Not only does the threat, detected as BrowserModifier:Win32/Soctuseer, cross the line that separates legitimate software from unwanted, it also takes staying under the radar to the next level. Rootkit capabilities, which make it...

6.6AI score
Exploits0
threatpost
threatpost
added 2015/06/02 1:38 p.m.16 views

Machines Infected by Locker Ransomware Decrypted

Update: Computers infected by the Locker crypto-ransomware were today decrypted as promised by the malware’s author, who last week posted the decryption keys to an upload site and apologized for releasing the malware. Lawrence Abrams of Bleeping Computer said the infected computers were decrypted...

7.4AI score
Exploits0References7
threatpost
threatpost
added 2013/11/20 3:45 p.m.12 views

Illegal Online Marketplaces Booming

A complete bundle of personal information hackers require to steal identities is available on the underground for as little as $25. The data, known as Fullz in underground parlance, includes name, address, phone number, date of birth, Social Security or EIN numbers, email address with password an...

0.3AI score
Exploits0References1
threatpost
threatpost
added 2013/04/05 1:57 p.m.7 views

Skype Malware Stealing Victims' Processing Power to Mine Bitcoins

Bitcoin may still be a virtual unknown quantity for most people, but the digital currency has not escaped the notice of attackers, many of whom are turning their attention to finding ways to use the system for their own gains. The attacks against Bitcoin exchange Mt. Gox and hack of Instawallet...

1.9AI score
Exploits0References3
threatpost
threatpost
added 2013/02/06 7:28 p.m.8 views

Botnet Operation for Dummies

Are you a self-starter with little or no technical skills looking to join the rapidly expanding, ethically dubious cybercrime industry? If you answered yes to this question, then the do-it-yourself, HTTP-based botnet profiled on Webroot by Dancho Danchev may be just the opportunity you’ve been...

1.1AI score
Exploits0References1
threatpost
threatpost
added 2012/08/10 3:57 p.m.6 views

Researchers Release Detection Tool For Gauss Malware's Palida Narrow Font

One of the many mysteries around the discovery of the Gauss malware is why the tool installs a new font called Palida Narrow on infected machines. Researchers have been unable to figure out yet what the purpose of the font is, but as its presence on a PC is a good indicator of a Gauss infection,...

1AI score
Exploits0References4
threatpost
threatpost
added 2012/08/07 3:48 p.m.191 views

Alleged Mariposa Botmaster in Court

One of the men authorities allege to have been behind the massive–and now dead–Mariposa botnet, has gone on trial in Slovenia, more than two years after the initial arrests and takedown of the network. Mariposa was one of the first handful of botnets that authorities and security researchers work...

9.3CVSS1.6AI score0.99945EPSS
Exploits33References2
threatpost
threatpost
added 2012/04/24 3:44 a.m.10 views

Authorities Renew Campaign to Disinfect Computers Before July 9

With a deadline to pull surrogate servers extended, the FBI has launched a new campaign to prevent up to 350,000 computer users from losing Internet access this summer – including those tied to Fortune 500 companies and government agencies like NASA. Over the weekend, news media outlets began...

1.1AI score
Exploits0References2
threatpost
threatpost
added 2012/04/12 5:40 p.m.8 views

Apple, Following Microsoft's Lead, Plans to Disable Flashback Botnet

Apple, which usually doesn’t get involved much in security issues outside of issuing patches when needed, said it is working with internet service providers around the world to disable the Flashback botnet’s command and control servers. Flashback exploits a security flaw in Java, Apple explains,...

1.1AI score
Exploits0References3
threatpost
threatpost
added 2012/04/06 7:15 p.m.9 views

Researchers Confirm 600K-Strong Flashback Botnet Is Mostly Mac

Kaspersky Lab researchers say that analysis of the Flashfake botnet confirms the size of the malicious network and that it consists mostly of Mac OS X machines. Researchers at Kaspersky wrote on Friday that they were able to reverse engineer the domain generation algorithm used by the botnet, the...

2.3AI score
Exploits0References3
threatpost
threatpost
added 2012/04/06 3:10 p.m.6 views

Questions Abound On Size and Makeup of Flashback Botnet

The botnet assembled by the Flashback Trojan that’s been infecting Macs in recent months is turning out to be a rather difficult one to pin down. Researchers have said that the network of compromised machines may be upwards of 600,000, while newere estimates say that it’s more likely in the...

0.4AI score
Exploits0References2
threatpost
threatpost
added 2012/04/05 2:54 p.m.11 views

Flashback Mac Trojan Hits More than 500K Machines

The Flashback Trojan that has been infecting Mac OSX machines of late appears to have become the most successful piece of Mac-based malware in the short history of such things. Researchers say that there have been upwards of 500,000 Macs infected by the malware, and that number may still rise...

0.3AI score
Exploits0References4
Rows per page
Query Builder