Malicious code in @tse-digital/core (npm)

Dependency confusion attack campaign targeting Scandinavian telecommunications and digital services organizations Telenor, Ownit, Vimla, and Customer 360 / C360. Four packages published by the debating0166 npm account use inflated version numbers 99.0.x to win npm registry resolution over private...

MAL-2026-5155 Malicious code in @ownit/core (npm)

Dependency confusion attack campaign targeting Scandinavian telecommunications and digital services organizations Telenor, Ownit, Vimla, and Customer 360 / C360. Four packages published by the debating0166 npm account use inflated version numbers 99.0.x to win npm registry resolution over private...

MAL-2026-5154 Malicious code in @customer-threesixty/assets (npm)

Dependency confusion attack campaign targeting Scandinavian telecommunications and digital services organizations Telenor, Ownit, Vimla, and Customer 360 / C360. Four packages published by the debating0166 npm account use inflated version numbers 99.0.x to win npm registry resolution over private...

Malicious code in @telenor-se/core (npm)

Dependency confusion attack campaign targeting Scandinavian telecommunications and digital services organizations Telenor, Ownit, Vimla, and Customer 360 / C360. Four packages published by the debating0166 npm account use inflated version numbers 99.0.x to win npm registry resolution over private...

Malicious code in ignite-market-contractstest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9babd9b088785649368dbf885050b6a15b218a6b38d2dcd058f0c9eda5109da package.json declares a preinstall lifecycle hook that runs wget --quiet...

MAL-2026-4583 Malicious code in ignite-market-contractstest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9babd9b088785649368dbf885050b6a15b218a6b38d2dcd058f0c9eda5109da package.json declares a preinstall lifecycle hook that runs wget --quiet...

Malicious code in @sec-loans-ui/utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da55a9be9d9f90abe00e16200ea17aa78f58643e40d872d04276453dfd8a88f9 Package is a hollow lure: index.js is a 35-byte stub module.exports = , description and author are empty, and the version is bumped to 99.9.1 — the...

Malicious code in @flipbit2-bb/test-auth-state (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52ba26e89d1aca1f10772bf4cc8c9b23a436a39a8442fdf4ba9abf6c4c890e63 On npm install, a postinstall script phone-home.js collects os.hostname, os.userInfo.username, process.platform + os.release, a timestamp, and a...

Malicious Package

Overview blz-internal-pkgupdate is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992214)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992214 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPICA: Fix use-after-free in acpiutcopyipackagetoipackage There is an use-after-free reported by...

Use of a Broken or Risky Cryptographic Algorithm

Overview Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm when storing encrypted data keys in an instruction file. An attacker with write access to the S3 bucket can manipulate encrypted data keys to cause decryption to unintended plaintext by...

Relative Path Traversal

Overview Affected versions of this package are vulnerable to Relative Path Traversal due to unsafe path handling. An attacker can access, overwrite, or delete files outside the intended directories by supplying specially crafted names or archive entries containing path traversal sequences...

Jellysweep uses uncontrolled data in image cache API endpoint

Impact The /api/images/cache which is used to download media posters from the server accepted an url parameter, which was directly passed to the cache package and that downloaded the poster from this URL. This URL parameter can be used to make the jellysweep server download arbitrary content. The...

CVE-2022-50423

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Fix use-after-free in acpiutcopyipackagetoipackage There is an use-after-free reported by KASAN: BUG: KASAN: use-after-free in acpiutremovereference+0x3b/0x82 Read of size 1 at addr ffff888112afc460 by task modprobe/2111...

MAL-2025-6731 Malicious code in internal-pkg (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

Malicious code in square-crypto-utils-internal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c2a693727e119b7e668536dcb77730f98ba80f9bcc2b03f5bbc80f53fea74d2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4754 Malicious code in nginx-internal (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a0f4d116d3fd75c3c8061c91010e1f912625a9860c89e5af3d3c912296d06de Any computer that has this package installed or running should be considered...

Malicious code in nginx-internal (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a0f4d116d3fd75c3c8061c91010e1f912625a9860c89e5af3d3c912296d06de Any computer that has this package installed or running should be considered...

CVE-2023-6839

Due to improper error handling, a REST API resource could expose a server side error containing an internal WSO2 specific package name in the HTTP response...

MAL-2025-4363 Malicious code in internalwkl-1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 929f2a7e5622ef6954156300b8095508bdebc3f69573d35fdcdb9785504809ac Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...