Malicious code in resulting_wildfowl_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 980169b90185c7b8889087abbb2abc78d17d3c19a4a77324b5e3a1a96c891caa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-2587 Malicious code in blackspammerbd-bot (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron 6fd0fbf90d161b67f6df5c7e057b6ac660066232b4565e893e9e72bc43c86a1b This package seems to be part of a larger malicious toolkit designed for unauthorized access to systems, data theft, and potentially acting as a...

MAL-2025-2598 Malicious code in bsb-connector (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron ed806140937f50b1f0283cc8d7f9feb4a85562c25574e2dd35cdb6548901e0a9 This package seems to be part of a larger malicious toolkit designed for unauthorized access to systems, data theft, and potentially acting as a...

Malicious code in connector-bsb (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron eed0770278358269212ff3971e9c4ee9d5410676ea27a4feb6ae52fa8cb5484b This package seems to be part of a larger malicious toolkit designed for unauthorized access to systems, data theft, and potentially acting as a...

MAL-2025-2602 Malicious code in connector-bsb (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron eed0770278358269212ff3971e9c4ee9d5410676ea27a4feb6ae52fa8cb5484b This package seems to be part of a larger malicious toolkit designed for unauthorized access to systems, data theft, and potentially acting as a...

MAL-2025-2586 Malicious code in blackspammerbd (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron 610e92bd25b3f4e4206c9e4e0c321b5120bc85b6a01b289d192f78c53bff9ada This package seems to be part of a larger malicious toolkit designed for unauthorized access to systems, data theft, and potentially acting as a...

Spyware Vendors Caught Exploiting Zero-Day Vulnerabilities on Android and iOS Devices

A number of zero-day vulnerabilities that were addressed last year were exploited by commercial spyware vendors to target Android and iOS devices, Google's Threat Analysis Group TAG has revealed. The two distinct campaigns were both limited and highly targeted, taking advantage of the patch gap...

Where Have All The Exploit Kits Gone?

The bloom is off exploit kits. Once a mainstay for cybercriminals, attacks tied to exploit kits have now dried up to just a trickle. For sure, they haven’t gone away. But researchers say Angler, Neutrino and Nuclear, kits that once dominated the threat landscape, are gone; usurped by new threats...

Another Unpatched Adobe Flash Zero-Day vulnerability Exploited in the Wild

Warning for Adobe users! Another zero-day vulnerability has been discovered in Adobe Flash Player that is actively being exploited by cyber crooks in drive-by download attacks, security researchers warned today. This is for the third time in last few weeks when Adobe is dealing with a zero day...