2 matches found
Malicious code in bitha-95 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c38f1060d15271a31ac47c03d4f93b1499ceb7448ea9131bffeb9d6013a38085 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
ansible: dnf module install packages with no GPG signature
A flaw was found in the Ansible Engine when installing packages using the dnf module. GPG signatures are ignored during installation even when disablegpgcheck is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code...