Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/09/17 8:52 p.m.5 views

CVE-2025-59145

color-name is a JSON with CSS color names. On 8 September 2025, an npm publishing account for color-name was taken over after a phishing attack. Version 2.0.1 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect cryptocurrenc...

8.8CVSS6.9AI score0.00473EPSS
Exploits0References8
NVD
NVD
added 2025/09/15 8:15 p.m.6 views

CVE-2025-59142

color-string is a parser and generator for CSS color strings. On 8 September 2025, the npm publishing account for color-string was taken over after a phishing attack. Version 2.1.1 was published, functionally identical to the previous patch version, but with a malware payload added attempting to...

8.8CVSS0.00378EPSS
Exploits0References5
NVD
NVD
added 2025/09/15 8:15 p.m.5 views

CVE-2025-59141

simple-swizzle swizzles function arguments. On 8 September 2025, the npm publishing account for simple-swizzle was taken over after a phishing attack. Version 0.2.3 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect...

8.8CVSS0.00378EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/09/08 12:0 a.m.4 views

PT-2025-37760

Name of the Vulnerable Software and Affected Versions color-name versions prior to 2.0.2 Description An npm publishing account for color-name was taken over following a phishing attack. Version 2.0.1 was published with a malware payload designed to redirect cryptocurrency transactions to the...

8.8CVSS5.8AI score0.00473EPSS
Exploits0References33
Krebs on Security
Krebs on Security
added 2019/04/17 5:56 p.m.57 views

How Not to Acknowledge a Data Breach

I'm not a huge fan of stories about stories, or those that explore the ins and outs of reporting a breach. But occasionally I feel obligated to publish such accounts when companies respond to a breach report in such a way that it's crystal clear they wouldn't know what to do with a data breach if...

6.8AI score
Exploits0
Cisco Threats
Cisco Threats
added 2015/08/14 6:57 p.m.15 views

Threat Outbreak Alert RuleID17383: Email Messages Distributing Malicious Software on August 14, 2015

Medium Alert ID: 40497 First Published: 2015 August 14 18:57 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID17383 may contain the following files: Name |...

0.4AI score
Exploits0
Rows per page
Query Builder