5 matches found
Malicious code in @antv/g-plugin-canvas-path-generator (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...
CVE-2025-69443
Remote Code Execution in coleam00 Archon 0.1.0. A crafted HTML page, when accessed by a victim, can execute commands, run prompts on behalf of the user, control the Archon UI features, and steal all Archon information available on the UI including API keys...
MAL-2026-2462 Malicious code in strapi-plugin-form (npm)
strapi-plugin-form is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network topology. I...
MAL-2022-653 Malicious code in @tinkoff-react-bui/dropdown (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 73961a7d1008be0e12fdd9c028ff94d21d7dd7427b3006f6dd4d37d6cd1de717 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Recurly Client Python Library Server-Side Request Forgery Attack Vulnerability
Recurly Client Python Library is a Python API wrapper for Recurly from Recurly USA. A server-side request forgery attack vulnerability exists in the 'Resource.get' method in the Recurly Client Python Library. An attacker could use this vulnerability to take control of API keys or other important...