Malicious code in tealove-darknest40 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5317403cd76ec5b2e56242335058919050525906ef8e88f8470fa1423d8565ee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Space Pirates Targets Russian IT Firms With New LuckyStrike Agent Malware

The threat actor known as Space Pirates has been linked to a malicious campaign targeting Russian information technology IT organizations with a previously undocumented malware called LuckyStrike Agent. The activity was detected in November 2024 by Solar, the cybersecurity arm of Russian...

New SteelFox Malware Posing as Popular Software to Steal Browser Data

SteelFox malware targets software pirates through fake activation tools, stealing credit card data and deploying crypto miners. Learn…...

Researchers Expose Space Pirates' Cyber Campaign Across Russia and Serbia

The threat actor known as Space Pirates has been linked to attacks against at least 16 organizations in Russia and Serbia over the past year by employing novel tactics and adding new cyber weapons to its arsenal. "The cybercriminals' main goals are still espionage and theft of confidential...

Attacks, Vulnerabilities and Actors 17 July to 23 July 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of eleven attacks executed, nine vulnerabilities, and three different adversaries...

A Deep Dive into Space Pirates’ Unconventional Cyber Arsenal

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Space Pirates have been a persistent digital threat since 2017, relentlessly targeting over 16 organizations in Russia and one in Serbia. Despite retaining its core methods, this infamous group continuous...

Pakistani Entities Targeted in Sophisticated Attack Deploying ShadowPad Malware

An unidentified threat actor compromised an application used by multiple entities in Pakistan to deliver ShadowPad, a successor to the PlugX backdoor that's commonly associated with Chinese hacking crews. Targets included a Pakistan government entity, a public sector bank, and a telecommunication...

Webworm Hackers Using Modified RATs in Latest Cyber Espionage Attacks

A threat actor tracked under the moniker Webworm is taking advantage of bespoke variants of already existing Windows-based remote access trojans to fly under the radar, some of which are said to be in pre-deployment or testing phases. "The group has developed customized versions of three older...

Radiohead Dropped 18 Hours of Unreleased Music to Screw Pirates

You can listen to the OK Computer–era tracks right here...

piratesquest.digitickets.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-555809 Description| Value ---|--- Affected Website:| piratesquest.digitickets.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

piratesquest.digitickets.co.uk Open Redirect vulnerability

Open Bug Bounty ID: OBB-407705 Description| Value ---|--- Affected Website:| piratesquest.digitickets.co.uk Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N Remediation Guide:| OWASP Open Redirect Che...

Pirates - The Secret of Life - Base64 encoded String, Customized SSL, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Pirates - The Secret of Life published at the 'play' market has multiple vulnerabilities...

Pirates Games for Kids Toddler - Dynamic Code Loading, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application Pirates Games for Kids Toddler published at the 'play' market has multiple vulnerabilities...

Pirates of Everseas - Base64 encoded String, Customized SSL, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Pirates of Everseas published at the 'play' market has multiple vulnerabilities...

Plunder Pirates - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Plunder Pirates published at the 'play' market has multiple vulnerabilities...

Strawhat Pirates：Romance Dawn - Customized SSL, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Strawhat Pirates：Romance Dawn published at the 'play' market has multiple vulnerabilities...

Bubble Pirates - Customized SSL, Exported ContentProvider, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Bubble Pirates published at the 'play' market has multiple vulnerabilities...

Coin Pirates - Dynamic Code Loading, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application Coin Pirates published at the 'play' market has multiple vulnerabilities...

Pirates of the Dark Seas Slots - Customized SSL, Exported ContentProvider, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Pirates of the Dark Seas Slots published at the 'play' market has multiple vulnerabilities...

Pirates! Showdown Full Free - Dynamic Code Loading, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application Pirates! Showdown Full Free published at the 'play' market has multiple vulnerabilities...