50 matches found
MAL-2026-527 Malicious code in @santandergroup-uk/edgehome-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e512dc1f3fcaa6ef57a8b842e2f6afe53092e6b4dc6efa83f398b40c59e53a6b The package @santandergroup-uk/edgehome-components was found to contain malicious code. Source: ghsa-malware...
Proactive Malware Threat Management: A How-To Guide
Trying to defend against every potential malware attack is like trying to boil the ocean. You can’t be everywhere at once, and treating every vulnerability as a top priority is a surefire way to burn out your team. The old way of reacting to every alert simply doesn't scale. A modern defense...
EUVD-2025-105031
Malicious code in gita-asinan2-breki npm...
Malicious code in dian-buburayam64-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4c5240471a92bb15e8e3c6abe5dbb518c3ba045c87950243f07cd9507239f91 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2016-1653
Malware in sbrugna...
MAL-2025-6113 Malicious code in one-fixed-dep-bins (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3d275fc55fd1295739e28fef0ec616a970ad488e3ccc4fcb183fd48d8494815e Any computer that has this package installed or running should be considered...
MAL-2025-5880 Malicious code in @pmm-ux/asset-uploader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3d55463889147e38c097882b9f092f80284c39e9abddb7fba65570dc12906d7b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5891 Malicious code in appcenter-sampleapp-react-native (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8015d357cb8b89fe98c7076abd8ca3ea3146d43990de4f2410c5e2627a2fe970 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Favicon Trojans: Executable Steganography Via Ico Alpha Channel Exploitation
This paper presents a novel method of executable steganography using the alpha transparency layer of ICO image files to embed and deliver self-decompressing JavaScript payloads within web browsers. By targeting the least significant bit LSB of non-transparent alpha layer image values, the propose...
MAL-2025-5369 Malicious code in blurmph (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a388ac1fda2ec8130f5f2e3c7417a6d0c3ad7bc92a9c422c1ce7bafd296e1804 Any computer that has this package installed or running should be considered...
MAL-2025-5013 Malicious code in obfuscated (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d559efbc8df5a64ca2676526a199174c0a877291c1cd08cfb8db6a7536aad530 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4853 Malicious code in mockup-js-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d47de2f1ea832ed5ca1de7b318fac1b4e38fd7f83c2b66d97c4c38cfab1da216 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4636 Malicious code in @balajih4kr/postcss (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 29b83a8b5260357625ba9fad6ee0649e25c265bd0127fe1a27f9130777766e6d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4455 Malicious code in vnc-viewer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b409d2b1ea3535147d71ddf23425fe3fe4d437ce0d5af96f32f80c094bccc009 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3981 Malicious code in angular-monash (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7281e9d55aa990f9d2ed6d6f8acc5d290a25f3d17fe641c841a5976b519e4844 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3990 Malicious code in directx (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 89c6fdb82cd7b28af322fd42d09eed2c86ab4e1893ca7bd21111555b14057428 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3747 Malicious code in @myop/angular-remote (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c529845135f67681059adf0cf2c0ef30da66673da293016d5c193e8162f8070 Withdrawn Advisory This advisory has been withdrawn because @myop/angular-remote is not malware. This link is maintained to preserve external references...
MAL-2025-3526 Malicious code in jsonsecs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1eeb6d8e8a22f3743e3e9a4d19a6c26029ac37f1389bd002a5f0b40213021a28 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3497 Malicious code in jd-npm-com-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0f205097feb67db492d1ce42f141278ef445cb7792b8c530f866eb0a837e6d47 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Native Language Phishing Spreads ResolverRAT to Healthcare
Morphisec discovers a new malware threat ResolverRAT, that combines advanced methods for running code directly in computer memory,…...