Lucene search
K

18 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.17 views

Malicious code in @antv/word-scale-chart (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.12 views

Malicious code in @antv/g-plugin-physx (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/05/19 12:0 a.m.10 views

MAL-2026-3948 Malicious code in @antv/g-plugin-matterjs (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.13 views

Malicious code in @antv/g2-extension-3d (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSV
OSV
added 2026/05/19 12:0 a.m.12 views

MAL-2026-3954 Malicious code in @antv/g-plugin-svg-renderer (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/09/17 7:52 p.m.12 views

CVE-2025-59141

simple-swizzle swizzles function arguments. On 8 September 2025, the npm publishing account for simple-swizzle was taken over after a phishing attack. Version 0.2.3 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect...

8.8CVSS6.8AI score0.00378EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/09/17 7:52 p.m.11 views

CVE-2025-59142

color-string is a parser and generator for CSS color strings. On 8 September 2025, the npm publishing account for color-string was taken over after a phishing attack. Version 2.1.1 was published, functionally identical to the previous patch version, but with a malware payload added attempting to...

8.8CVSS6.9AI score0.00378EPSS
Exploits0References9
OSV
OSV
added 2025/09/15 11:32 p.m.3 views

GHSA-PXX3-G568-HXR4 [email protected] contains malware after npm account takeover

Impact On 8 September 2025, the npm publishing account for color-convert was taken over after a phishing attack. Version 3.1.1 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect cryptocurrency transactions to the attacker's...

8.8CVSS6.7AI score0.00378EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/09/15 8:32 p.m.11 views

CVE-2025-59145 [email protected] contains malware after npm account takeover

color-name is a JSON with CSS color names. On 8 September 2025, an npm publishing account for color-name was taken over after a phishing attack. Version 2.0.1 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect cryptocurrenc...

8.8CVSS0.00473EPSS
Exploits0References5
OSV
OSV
added 2025/09/15 7:21 p.m.13 views

CVE-2025-59331 [email protected] contains malware after npm account takeover

is-arrayish checks if an object can be used like an Array. On 8 September 2025, an npm publishing account for is-arrayish was taken over after a phishing attack. Version 0.3.3 was published, functionally identical to the previous patch version, but with a malware payload added attempting to...

8.8CVSS6.7AI score0.00378EPSS
Exploits0References7
CVE
CVE
added 2025/09/15 7:10 p.m.26 views

CVE-2025-59144

CVE-2025-59144 concerns the npm package debug . On 8 Sep 2025, the npm publishing account was taken over via phishing and version 4.4.2 was published with a malware payload that attempts to redirect cryptocurrency transactions in browser environments (e.g., via direct script inclusion or bundlers...

8.8CVSS6.5AI score0.00378EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/09/15 7:9 p.m.9 views

CVE-2025-59140 [email protected] contains malware after npm account takeover

backlash parses collected strings with escapes. On 8 September 2025, the npm publishing account for backslash was taken over after a phishing attack. Version 0.2.1 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect...

8.8CVSS0.00378EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/09/08 12:0 a.m.4 views

PT-2025-37743

Name of the Vulnerable Software and Affected Versions: simple-swizzle version 0.2.3 simple-swizzle versions prior to 0.2.4 Description: The npm publishing account for simple-swizzle was compromised following a phishing attack. Version 0.2.3 was published with a malware payload designed to redirec...

8.8CVSS6.3AI score0.00378EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2025/09/08 12:0 a.m.3 views

PT-2025-37746

Name of the Vulnerable Software and Affected Versions debug versions 4.4.2 Description The npm publishing account for debug was compromised following a phishing attack on September 8, 2025. Version 4.4.2 was published with a malicious payload designed to redirect cryptocurrency transactions withi...

8.8CVSS6.3AI score0.00378EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2025/09/08 12:0 a.m.3 views

PT-2025-37748

Name of the Vulnerable Software and Affected Versions error-ex versions prior to 1.3.4 Description The error-ex npm package was compromised through a phishing attack resulting in the publication of version 1.3.3 containing a malware payload. This malware targets cryptocurrency transactions and...

8.8CVSS6.5AI score0.00378EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2021/12/07 12:0 a.m.13 views

UAParser.js 0.8.0 Embedded Malware

According to its self-reported version number, UAParjser.js is 0.7.29, 0.8.0 or 1.0.0. Therefore, it may be affected by an embedded malicious code vulnerability due to an hijack in the maintainer's NPM account led to including an embedded malicious crypto minor in this package. Specifically, the...

7.4AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/12/07 12:0 a.m.13 views

UAParser.js 1.0.0 Embedded Malware

According to its self-reported version number, UAParjser.js is 0.7.29, 0.8.0 or 1.0.0. Therefore, it may be affected by an embedded malicious code vulnerability due to an hijack in the maintainer's NPM account led to including an embedded malicious crypto minor in this package. Specifically, the...

7.4AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/12/07 12:0 a.m.10 views

UAParser.js 0.7.29 Embedded Malware

According to its self-reported version number, UAParjser.js is 0.7.29, 0.8.0 or 1.0.0. Therefore, it may be affected by an embedded malicious code vulnerability due to an hijack in the maintainer's NPM account led to including an embedded malicious crypto minor in this package. Specifically, the...

7.4AI score
Exploits0References2
Rows per page
Query Builder