185 matches found
Malicious code in eth-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51f051957ac6f91e8567df873978b45c0c81a170f94decbd735d329f312ff1bb On require, index.js schedules a 37-second delayed routine that reads test/fixtures/keypairs.dat, base64-decodes it into /.cache-db/.node-sync/syncd....
Malicious code in jupiter-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8e0901ca45da110106c60f288b0166fc51c348a44569d7e7ff22af3d19deafe On import jupitersdk, the package's top-level init.py fetches a payload over HTTPS from a public IPFS gateway...
Malicious code in eth-agent (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3131490d64c4ae90de2926ca90f6fce23e6a113d1e6538db5ce98ffcf06983d1 The top-level ethagent/init.py performs an outbound HTTP fetch to a hardcoded IPFS gateway URL...
Malicious code in solidity-dev (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30501f6602a5b5b436ef5d6224ec332fa866c9e8b9da4d0de3bc69de868b1fff soliditydev/init.py contains a large base64-encoded Linux x8664 ELF binary in PAYLOADB64. On import soliditydev, the module decodes the blob, writes ...
Malicious code in tslint-conf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31b464b1646f8e2d36ce68a86af599cc49d5381f08af70302ff01f42957234a1 The package presents itself as the pino logger README, index.d.ts, docs/, and lib/ files all reference pinojs/pino but is published under the unrelat...
Malicious code in api-rs-node (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
MAL-2026-4348 Malicious code in api-rs-node (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
MAL-2026-4350 Malicious code in clobprice.api (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
Malicious code in clob.api (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
MAL-2026-4349 Malicious code in clob.api (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
Brave Desktop 1.90.121 Security Fixes
Changed IPFS gateway usage from "ipfs.io" to "inbrowser.link" for IPFS domain resolution. - Fixed broken address bar layout for narrow window widths. - Updated body-sniffing to respect "Content-Disposition: attachment" in de-AMP as reported on HackerOne by newfunction. Upgraded Chromium to...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: golangci-lint, haproxy-ingress, kyverno-policy-reporter-ui, fluxcd-kustomize-mutating-webhook, hugo, cloud-provider-aws, helm-mapkubeapis, terraform-provider-kubernetes, kserve-rest-proxy, newrelic-nri-statsd, telegraf, kubernetes-csi-external-resizer,...
GHSA-JRG3-GFJW-HM96 vulnerabilities
Vulnerabilities for packages: golangci-lint, haproxy-ingress, kyverno-policy-reporter-ui, fluxcd-kustomize-mutating-webhook, hugo, cloud-provider-aws, helm-mapkubeapis, terraform-provider-kubernetes, kserve-rest-proxy, newrelic-nri-statsd, telegraf, kubernetes-csi-external-resizer,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: golangci-lint, haproxy-ingress, kyverno-policy-reporter-ui, fluxcd-kustomize-mutating-webhook, hugo, cloud-provider-aws, helm-mapkubeapis, terraform-provider-kubernetes, kserve-rest-proxy, newrelic-nri-statsd, telegraf, kubernetes-csi-external-resizer,...
CVE-2026-32288 vulnerabilities
Vulnerabilities for packages: kube-state-metrics, gitaly-fips, runc, bom, nsc, amazon-ecs-agent-fips, harbor, azure-aad-pod-identity-mic, amazon-ecs-cni-plugins-fips, kubernetes-fips, helm-push, kyverno, terraform-fips, tigera-operator-fips, flux-helm-controller, mattermost, kbld, rclone-fips,...
GHSA-X4JJ-H2V8-HQQV vulnerabilities
Vulnerabilities for packages: kube-state-metrics, gitaly-fips, runc, bom, nsc, amazon-ecs-agent-fips, harbor, azure-aad-pod-identity-mic, amazon-ecs-cni-plugins-fips, kubernetes-fips, helm-push, kyverno, terraform-fips, tigera-operator-fips, flux-helm-controller, mattermost, kbld, rclone-fips,...
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: gitaly-fips, scanner-test-golang-vulnerability-fixed, crossplane-function-go-templating, tetragon-fips, nsc, go-discover, seaweedfs-operator, dcgm-exporter, goose, amazon-ecs-cni-plugins-fips, crossplane-provider-aws-route53-fips, supercronic-fips, mc,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: kube-state-metrics, gitaly-fips, mcp-grafana-fips, volume-modifier-for-k8s-fips, scanner-test-golang-vulnerability-fixed, aws-efs-csi-driver-fips, crossplane-function-go-templating, crossplane-provider-aws-s3-fips, spilo, multus-cni-fips, tetragon-fips, runc,...
GHSA-378J-3JFJ-8R9F vulnerabilities
Vulnerabilities for packages: k3s, ipfs-cluster, spegel...
CVE-2026-35480 vulnerabilities
Vulnerabilities for packages: k3s, ipfs-cluster, spegel...