4582 matches found
PT-2025-49463
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists within the ext4 filesystem code, specifically in the ext4 fc record modified inode function. The issue arises because krealloc may return NULL, potentially preventin...
GoldFactory Hits Southeast Asia with Modified Banking Apps Driving 11,000+ Infections
Cybercriminals associated with a financially motivated group known as GoldFactory have been observed staging a fresh round of attacks targeting mobile users in Indonesia, Thailand, and Vietnam by impersonating government services. The activity, observed since October 2024, involves distributing...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Exploit for Improper Authentication in Oracle Concurrent_Processing
CVE-2025-61882 & CVE-2025-61884 EDIT: Oracle just disclose...
Malicious code in mui-xerxes-proxima-cassini (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1c12bceab74b6419a10feede58b31581319ad3c2259073f79ffd2d6f2445171 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in convict-writable-webpack-cosmogenic (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d97564ab9fc4db43f4230b9d93ccc412d62ff1b73b25e6ee7eeca8c3f4298df7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in darkenergy-config-pulsar-development (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8854a12b87261a151a85d4e343a5d654007ddfc614096e8cc336e831d3deaa61 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in exobiology-callback-commitlint-config-angular-slides (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d03030a05c5bd857db6811b031add8d86b357970bbd076059ac391ba964d545 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-185523 Malicious code in archaeogenetics-astrochemistry-quark-chakra-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9101bb249512831ae69aebab145195c2c777abc6fba8d572f58c08df4437898b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-188645 Malicious code in perturbation-thuban-neuromorphic-dynamo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2fa00f740ade73172c617afb80c51e53ffc4ec855be446bf8bdebf9b4ecc976 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186361 Malicious code in cosmos-geochemistry-sqlite-lint-staged (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94a4f28aa9524d563787af9035f4a58546934a5936e381248bff651323b64c82 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-188392 Malicious code in octans-prompts-hyperion-google (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82dfc59630dc6579e771d7439a8c775e0056caae7877235573ac6d2d0277f2dd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186280 Malicious code in config-regulus-auth-ophiuchus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 602504708c1fa23065534bfce58fb93eb8c0713426b28a6b5331ac55f1425922 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-190427 Malicious code in yaml-kappa-integer-uglify-serialize (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5709120aae91d82f17f9873aabc817934d9aa7a9f1c29aab1be869e515d63feb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186952 Malicious code in fermion-thermosphere-hawkingradiation-astrophysics (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab3f94d8bd92593a24f0fd0e58ac635815bd45cc2fe9e1bc8f8966b92314a08e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-185415 Malicious code in aldebaran-halley-eris-rollup-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ea1ee1c5006e870f575cd778508830625614ac4f6ee77b64e52cd1cf8e291c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-188549 Malicious code in panspermia-seismology-yildun-figures (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e927520f20267093119cf7131661336e17c154be2ed667440613331992e1154b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in perseus-lyra-css-minimizer-webpack-plugin-loop (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f7d3d9b81812427d006a9d83aedc8ab35ae99c772c8d05c7007ddb3d17c3f8c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in higgs-biosignature-inflation-upgrade (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f6af5f94c074749c796605831b304d3b23f9cd7ecd27b0771334f6c877a95bf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in bunyan-radioastronomy-interstellarmedium-outercore (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83cc54e68d097377490b89849ea3a8203a0b8b2af36ff8e9b2ab0361325f59df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...