Malicious code in trgrip (npm)

trgrip is a malicious npm package that when imported downloads a C2 dropper from https://44.206.172.239:7443/direct/download/97900a0e-c691-483a-a988-97b76f205c0f and executes it. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Malicious code in tailwind-typography-cssstyle (npm)

tailwind-typography-cssstyle is a malicious npm package that when imported downloads a C2 dropper part of PolinRider campaign from crypto transactions and executes it. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Malicious code in simple-auth-basic (npm)

simple-auth-basic is a malicious npm package that when imported downloads a C2 dropper from https://coingecko-liard.vercel.app and executes it. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8802844b712eedf88f3862f4e836efd3a767ee4944f6ec3b8c3fbe849fd741b The...

MAL-2026-2906 Malicious code in swplayer-react-sl (npm)

swplayer-react-sl is a malicious npm package that when imported downloads a C2 dropper from https://coingecko-liard.vercel.app and executes it. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb25be00997a0e21d0d5337b89729fe6c3a99c9364f8a46d4b2e2a828e845f54 The...

MAL-2026-2904 Malicious code in trackora-node (npm)

trackora-node is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/BADC6 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

MAL-2026-2903 Malicious code in trackora-chain (npm)

trackora-chain is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/BADC6 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

MAL-2026-2902 Malicious code in lockedin-chai-chain (npm)

lockedin-chai-chain is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/FAWPU and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

MAL-2026-2897 Malicious code in chai-beta (npm)

chai-beta is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/XRGF3 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Malicious code in trackora-node (npm)

trackora-node is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/BADC6 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

MAL-2026-2888 Malicious code in chai-as-encrypted (npm)

chai-as-encrypted is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/29ebd497b6f232e6b0a9 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Malicious code in chai-as-type (npm)

chai-as-type is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/c26313f0733957a7d787 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

MAL-2026-2893 Malicious code in chai-as-mobj (npm)

chai-as-mobj is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/31bccfbf4ee2732207a4 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

MAL-2026-2900 Malicious code in dotenv-pack (npm)

dotenv-pack is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/5b357f718ab4ee355003 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

EUVD-2026-22962

A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to...

EUVD-2026-22973

A vulnerability in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerabilit...

EUVD-2026-22970

A vulnerability in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerabilit...

MAL-2026-2696 Malicious code in bfx-hf-strategy-perf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aac057221646f5043eab6606ba990a3a112afc149c583347e40321643deab7ba The package bfx-hf-strategy-perf was found to contain malicious code. Source: ossf-package-analysis...

CVE-2026-20180

A vulnerability in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerabilit...

CVE-2026-20147

A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to...

CVE-2026-30625

Upsonic 0.71.6 contains a remote code execution vulnerability in its MCP server/task creation functionality. The application allows users to define MCP tasks with arbitrary command and args values. Although an allowlist exists, certain allowed commands npm, npx accept argument flags that enable...