CVE-2025-54313

eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows...

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack

The following Rapid7 team members contributed to this blog: Ipek Solak, Thomas Elkins, Evan McCann, Matthew Smith, Jake McMahon, Tyler McGraw, Ryan Emmons, Stephen Fewer, and John Fenninger Overview Justice AV Solutions JAVS is a U.S.-based company specializing in digital audio-visual recording...

Beware! Undetectable CrossRAT malware targets Windows, MacOS, and Linux systems

Are you using Linux or Mac OS? If you think your system is not prone to viruses, then you should read this. Wide-range of cybercriminals are now using a new piece of 'undetectable' spying malware that targets Windows, macOS, Solaris and Linux systems. Just last week we published a detailed articl...

MS Windows Malformed IP Options DoS Exploit (MS05-019)

Exploit for unknown platform in category dos / poc ====================================================== MS Windows Malformed IP Options DoS Exploit MS05-019 ====================================================== / ecl-winipdos.c - 16/04/05 Yuri Gushin Alex Behar This one was actually interestin...