244 matches found
CVE-2026-47181 PenguinMod-BackendApi: NoSQL Injection in Password Reset Endpoint Allows Account Takeover
PenguinMod-BackendApi is the backend api for penguinmod. Prior to version 1.0.0, a NoSQL injection vulnerability in the password reset endpoint allows any authenticated user to change the password of an account, leading to full account takeover. An attacker only needs a registered account and a...
CVE-2021-41872
Skyworth Digital Technology Penguin Aurora Box 41502 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service...
AI-Automated Threat Hunting Brings GhostPenguin Out of the Shadows
In this blog entry, Trend™ Research provides a comprehensive breakdown of GhostPenguin, a previously undocumented Linux backdoor with low detection rates that was discovered through AI-powered threat hunting and in-depth malware analysis...
EUVD-2025-120025
Malicious code in comprehensive-silver-penguin npm...
MAL-2025-140999 Malicious code in comprehensive-silver-penguin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 541381bb28bd073e81cf15b74de3bbb8a6a48a612c12ddd4b7fe62a524767fe5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-117354
Malicious code in genetic-aqua-penguin npm...
EUVD-2025-117152
Malicious code in protestant-jade-penguin npm...
Malicious code in protestant-jade-penguin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae2bc1fe0efb377fe5fc0af8141ff8658b9d9ff3a6bb2392dc1f008206ae9a33 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-138748 Malicious code in genetic-aqua-penguin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c7228b48ce2323d35a74614638bf6644a42e50e30c25160d5b32a179f4073a4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-101693
Malicious code in adversepenguinz3n npm...
EUVD-2025-104076
Malicious code in logicalpenguinz3n npm...
Malicious code in wrong_penguin_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17d59a9cb8cc8ff3bd34144e4bb9f74fd13879ee74f8924bff5944ce5c1c153e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-104077
Malicious code in localpenguinz3n npm...
MAL-2025-131799 Malicious code in zeroth_penguin_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bb215e56971cf1bf5f2768152924060025b31a676ab5a9324e353b5f3473e07 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-106293
Malicious code in burningpenguinz3n npm...
EUVD-2025-105088
Malicious code in generalpenguinz3n npm...
Malicious code in ltd_penguin_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48bc99332f3f3df09e91908d3dcd1226631f31a3523d5fe9452a5c88dbbf4f34 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-95146
Malicious code in scarypenguinz3n npm...
Malicious code in burning_penguin_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2fc8defa85c82661cdf9aefa158eebc34cc389c982e1e1937ca329655bffd491 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-104927
Malicious code in governingpenguinz3n npm...