39 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...
Internet Malware Propagation: Dynamics and Control through SEIRV Epidemic Model with Relapse and Intervention
Malware attacks in today's vast digital ecosystem pose a serious threat. Understanding malware propagation dynamics and designing effective control strategies are therefore essential. In this work, we propose a generic SEIRV model formulated using ordinary differential equations to study malware...
MAL-2025-190748 Malicious code in @posthog/agent (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 183eda8dff43d0fa91f3006a2c3af5a268788a2dc9be3e53bd44d685b02f8432 The package @posthog/agent was found to contain malicious code. Source: ghsa-malware 1e1b7c3425dec8a1aa33daab74dd9163958811fa344ee6f8a795252daec78529...
MAL-2025-47290 Malicious code in @ui-ux-gang/devextreme-rpk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc643d20a812778984d46636db2ea2e7e08c97ca2710b212c0b07a023461df59 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47400 Malicious code in db-evo (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dcfee85aff3b81b44dcc0c4c4fe99e193de46de665f2a0fe31221fcc6415c305 Any computer that has this package installed or running should be considered fully compromised. All...
Malicious code in @operato/popup (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 211d1a1f6ff1362c33afe9e1d91ae471476a624a0bc79a2ef3a1a74d7fc4189d Any computer that has this package installed or running should be considered fully compromised. All...
MAL-2025-47349 Malicious code in teselagen-interval-tree (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5be8aa7e96bbc224f7710d909c33b01b94f9386af11f8ba0303cd58104d6db1b Any computer that has this package installed or running should be considered fully compromised. All...
Malicious code in @teselagen/react-table (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 35f0735aa86d1091b1512a81fb01bb052f137bb071faaadd8c7e0713abac239b Any computer that has this package installed or running should be considered fully compromised. All...
Understanding Malware Propagation Dynamics through Scientific Machine Learning
Accurately modeling malware propagation is essential for designing effective cybersecurity defenses, particularly against adaptive threats that evolve in real time. While traditional epidemiological models and recent neural approaches offer useful foundations, they often fail to fully capture the...
Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi
Cybersecurity researchers have disclosed a series of now-patched security vulnerabilities in Apple's AirPlay protocol that, if successfully exploited, could enable an attacker to take over susceptible devices supporting the proprietary wireless technology. The shortcomings have been collectively...
Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices
Counterfeit versions of popular smartphone models that are sold at reduced prices have been found to be preloaded with a modified version of an Android malware called Triada. "More than 2,600 users in different countries have encountered the new version of Triada, the majority in Russia," Kaspers...
Researchers Uncover ~200 Unique C2 Domains Linked to Raspberry Robin Access Broker
A new investigation has unearthed nearly 200 unique command-and-control C2 domains associated with a malware called Raspberry Robin. "Raspberry Robin also known as Roshtyak or Storm-0856 is a complex and evolving threat actor that provides initial access broker IAB services to numerous criminal...
Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Targets Over 6,000 Devices
Unpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, according to new findings from the Cato CTRL team. "The botnet exploits a remote code execution RCE vulnerability in TP-Link Archer routers CVE-2023-1389 to spread itself automatically over the...
Mass Campaign of Murdoc Botnet Mirai: A New Variant of Corona Mirai
The Qualys Threat Research Unit has uncovered a large-scale, ongoing operation within the Mirai campaign, dubbed Murdoc Botnet. This variant exploits vulnerabilities targeting AVTECH Cameras and Huawei HG532 routers. It demonstrates enhanced capabilities, exploiting vulnerabilities to compromise...
13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks
A global network of about 13,000 hijacked Mikrotik routers has been employed as a botnet to propagate malware via spam campaigns, the latest addition to a list of botnets powered by MikroTik devices. The activity "takes advantage of misconfigured DNS records to pass email protection techniques,"...
OfflRouter Malware Evades Detection in Ukraine for Almost a Decade
Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on an analysis of over 100 confidential documents that were infected with the VBA macro virus and uploaded to the VirusTotal malware scanning platform...
JStachio XSS vulnerability: Unescaped single quotes
Impact Description: JStachio fails to escape single quotes ' in HTML, allowing an attacker to inject malicious code. Reproduction Steps: Use the following template code: html Set the value variable to ' onblur='alert1. java public class Escaping public static void mainString args Model model = ne...