Malicious code in pinno-loggers (npm)

pinno-loggers is a malicious npm package that depends on terminal-logger-utils and triggers the malicious behavior in that package when installed or imported. The terminal-logger-utils payload executes a postinstall hook that opens utils.cjs, an obfuscated malware dropper. The dropper downloads a...

MAL-2026-4196 Malicious code in pinno-loggers (npm)

pinno-loggers is a malicious npm package that depends on terminal-logger-utils and triggers the malicious behavior in that package when installed or imported. The terminal-logger-utils payload executes a postinstall hook that opens utils.cjs, an obfuscated malware dropper. The dropper downloads a...

Malicious Package

Overview console-loggers is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2026-2169 Malicious code in console-loggers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a453dd193f8ddd250ba6ade5c711f845eced766f664cb75f7969f064a94b86f The package console-loggers was found to contain malicious code. Source: ghsa-malware 4172c3551666d2ed6e2691429d3929465e9f862f0967ff39fcad41faf23fb20...

Malicious code in console-loggers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a453dd193f8ddd250ba6ade5c711f845eced766f664cb75f7969f064a94b86f The package console-loggers was found to contain malicious code. Source: ghsa-malware 4172c3551666d2ed6e2691429d3929465e9f862f0967ff39fcad41faf23fb20...

Malicious code in pretty-loggers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ac086b231c77fe68e31ce08ba212f70807936ae95b86d5af7fce505d9e20118 The package pretty-loggers was found to contain malicious code. Source: ghsa-malware 0218f0b3be8b1ccf4ed897adca433d157feeee1163f03cf8ed2e0b435ad90e8e...

MAL-2026-1964 Malicious code in pretty-loggers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ac086b231c77fe68e31ce08ba212f70807936ae95b86d5af7fce505d9e20118 The package pretty-loggers was found to contain malicious code. Source: ghsa-malware 0218f0b3be8b1ccf4ed897adca433d157feeee1163f03cf8ed2e0b435ad90e8e...

Malicious Package

Overview pretty-loggers is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

METZ CONNECT多款产品 安全漏洞

METZ CONNECT Energy-Controlling EWIO2-M and others are products of METZ CONNECT, Germany.METZ CONNECT Energy-Controlling EWIO2-M is a high performance data logger.METZ CONNECT Energy- Controlling EWIO2-M-BM is a high performance data logger.METZ CONNECT Ethernet-IO EWIO2-BM is a sensor and actuat...

METZ CONNECT多款产品 安全漏洞

METZ CONNECT Energy-Controlling EWIO2-M and others are products of METZ CONNECT, Germany.METZ CONNECT Energy-Controlling EWIO2-M is a high performance data logger.METZ CONNECT Energy- Controlling EWIO2-M-BM is a high performance data logger.METZ CONNECT Ethernet-IO EWIO2-BM is a sensor and actuat...

Malicious Package

Overview lovable-loggers is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview cookie-loggers is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

EUVD-2025-33629

Malicious code in vite-next-loggers npm...

Malicious Package

Overview vite-next-loggers is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in vite-next-loggers (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 349c5908fb3c2430a77d9a6c96edebbbbda04c5d50a0826b4c0f7e8d002ba345 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-48269 Malicious code in vite-next-loggers (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 349c5908fb3c2430a77d9a6c96edebbbbda04c5d50a0826b4c0f7e8d002ba345 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

EUVD-2009-3851

Malware in sbrugna...

CVE-2025-10050

The Developer Loggers for Simple History plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.5 via the enabledloggers parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to include and execute...

WordPress Developer Loggers for Simple History plugin file inclusion vulnerability

WordPress Developer Loggers for Simple History plugin is a logging plugin designed for developers, mainly used to record operational changes in the process of website development or maintenance, to help track issues and optimize site functionality. A file inclusion vulnerability exists in the...

CVE-2025-10050 Developer Loggers for Simple History <= 0.5 - Authenticated (Admin+) Local File Inclusion

The Developer Loggers for Simple History plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.5 via the enabledloggers parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to include and execute...