Lucene search
K

4 matches found

Packet Storm News
Packet Storm News
added 2026/06/05 12:0 a.m.11 views

Demand-Driven Vulnerability Detection for Cloud Security Posture Management: Removing Human Rule Authoring from the Disclosure-To-Protection Critical Path

Cloud Security Posture Management CSPM systems detect known vulnerabilities by maintaining a rule set, distributing it to customers, and evaluating it against periodically-collected asset inventories. To our knowledge, in publicly documented architectures the rule set is environment-agnostic and...

5.4AI score
Exploits0
OSV
OSV
added 2022/07/21 10:55 a.m.9 views

MAL-2022-4272 Malicious code in ledger-live-assets (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6181eb8571a997bee121a596d871f926f1b02d4e875a57d1a3fc9025338f7a25 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/07/21 10:55 a.m.6 views

Malicious code in ledger-live-assets (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6181eb8571a997bee121a596d871f926f1b02d4e875a57d1a3fc9025338f7a25 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Snyk
Snyk
added 2022/06/23 9:25 a.m.5 views

Malicious Package

Overview ledger-live-assets is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this packag...

9.8CVSS7AI score
Exploits0References3
Rows per page
Query Builder