Malicious code in @emilgroup/tenant-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d887c661a1552423bf923bf1028ef4aabb762dc2fa329db39e8b4552ce32803 The package @emilgroup/tenant-sdk-node was found to contain malicious code. Source: ghsa-malware...

Malicious code in @teselagen/react-table (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 35f0735aa86d1091b1512a81fb01bb052f137bb071faaadd8c7e0713abac239b Any computer that has this package installed or running should be considered fully compromised. All...

Malicious code in lovable-ci (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 383c94c307a9e3918b3e8a1296016307e7d4379f743893becd41721604736176 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-59037

DuckDB is an analytical in-process SQL database management system. On 08 September 2025, the DuckDB distribution for Node.js on npm was compromised with malware along with several other packages. An attacker published new versions of four of DuckDB's packages that included malicious code to...

CVE-2025-59037 DuckDB NPM packages 1.3.3 and 1.29.2 briefly compromised with malware

DuckDB is an analytical in-process SQL database management system. On 08 September 2025, the DuckDB distribution for Node.js on npm was compromised with malware along with several other packages. An attacker published new versions of four of DuckDB's packages that included malicious code to...

PT-2025-36966

Name of the Vulnerable Software and Affected Versions: DuckDB versions 1.3.3 @duckdb/node-api version 1.3.3 @duckdb/node-bindings version 1.3.3 @duckdb/duckdb-wasm version 1.29.2 Description: DuckDB packages distributed for Node.js on npm were compromised with malware intended to interfere with...

WordPress Gravity Forms Plugin 2.9.11.1 < 2.9.13 Malware Compromise Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediaburst:gravityforms"; if description...

Malicious code in okta-core-component (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 32a2bc49ecdb3be636c0bbd744a8e1b52eb5b19d91316f69ce08d9cf870ed247 Any computer that has this package installed or running should be considered...

Malicious code in rest-icon-orchestrator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 21efc3fdff6697baee6fe3ec8b62837d3ee9fa549ec7fc39595559ab5691f3fe Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in fca-chan (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f08fe489db5da6b673eeb10faaccf599c46ae3413b6cd76f4a56ab5c6d1b3780 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in slit-stged (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3116d85a33a5a8681997e85af05a1acc2e2f10577a33a7add7b077ec4e624c99 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in ryjqvlxozpdcubta (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dda03dacf652f716fb00148330529a844970d86d86647793e767c1b95370203a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in twitch-desktop-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eb1923dc3410d8b1c50d489035a63db1af63fb802bb855ba1df1d7670e9eac1d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-5486 Malicious code in proof-of-reserves-adapter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware efc1a7cc6dc4eb24fd26c62eeda8749353598634ddf7451d63f4eb1cab8dad81 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in orchid-bandwidth-adapter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 17d250ee542e6dad39facbe71433ee1ce4d8dae88930886fb5011b4310640410 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in shitshit12 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ff36d1edaa246998989bb87b9e9acd5816b43ad9c7d2bfcd7c136c2b83ccb894 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Backdoor.Win32.Cafeini.08.b Missing Authentication

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/8225bb6b430d5cdf523c4d0cabbe5793.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Cafeini.08.b Vulnerability: Missing Authentication Description: The backdoor is writt...

M-Shield & kingof - Fake Malware Backdoor Plugins

Sucuri Labs found that the M-Shield & kingof fake WordPress plugins were used as malware droppers, with the initial compromise likely coming from another legitimate vulnerable WordPress plugin security vulnerability...

Virus removal website compromised to serving malware

Virus removal website compromised to serving malware One of the Famous Virus Removal Service website : laptopvirusrepair.co.uk is compromised and Hacker is Serving Malware on the website. In above screenshot Avira detects the JS/Blacole.psak Java script Virus hosted on the site. The snippet of co...