Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mapletree: Fixed the MASTATEPREALLOC flag in maspreallocate. The preallocation flag is temporarily cleared when explicit requests for allocations are made. Existing allocations are already counted against the request through...

Malicious code in amplitude-ma-ts (npm)

npm stealer. Hardcoded Discord webhook id 1497047226428690432 in postinstall Folder/bin/S.js. Exfils hostname, whoami, pwd, publicip api.ipify.org, /etc/hosts via Discord embed. v1.0.21 empty placeholder, v1.0.22 shipped payload — name-squat-then-poison. Typosquats @amplitude/ analytics scope...

MAL-2026-3028 Malicious code in amplitude-ma-ts (npm)

npm stealer. Hardcoded Discord webhook id 1497047226428690432 in postinstall Folder/bin/S.js. Exfils hostname, whoami, pwd, publicip api.ipify.org, /etc/hosts via Discord embed. v1.0.21 empty placeholder, v1.0.22 shipped payload — name-squat-then-poison. Typosquats @amplitude/ analytics scope...

EUVD-2025-140276

Malicious code in miands-ma-nuru npm...

EUVD-2025-143254

Malicious code in anita-manuat-ma npm...

EUVD-2025-143022

Malicious code in buis-suninna-ma npm...

EUVD-2025-143146

Malicious code in buis-manis-ma npm...

Malicious code in anita-manahuddat-ma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b3de13d54ba9842e6d52f3da49c6c944ccad04b31de8f5a2ad44f9ae82e6955 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-143259

Malicious code in anita-manahudat-ma npm...

EUVD-2025-143256

Malicious code in anita-manahuddat-ma npm...

EUVD-2025-143255

Malicious code in anita-manhuat-ma npm...

EUVD-2025-144454

Malicious code in hereis-ma-ta npm...

EUVD-2025-147280

Malicious code in uaragifa-ma-safufrat npm...

EUVD-2025-147282

Malicious code in uaragifa-ma-saf npm...

MAL-2025-160149 Malicious code in masako-ma-gunung (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c92d3a1b6ff70d760bec5f53ba28bb087419227a7503120d75b0f9e6d13af4b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-147278

Malicious code in uaragifa-ma-safurt npm...

EUVD-2025-147279

Malicious code in uaragifa-ma-safurat npm...

EUVD-2025-147276

Malicious code in uaragifa-ma-sauf npm...

EUVD-2025-147272

Malicious code in uaragifa-ma-sayuuf npm...

EUVD-2025-147271

Malicious code in uaragifa-ma-sf npm...