217 matches found
MAL-2026-7012 Malicious code in express-mongo-limit (npm)
The npm package express-mongo-limit masquerades as an Express/MongoDB payload sanitization middleware likely typosquatting express-mongo-sanitize but is a credential stealer, remote-code-execution backdoor, crypto clipboard hijacker, and screenshot spyware. It declares a postinstall: node index.j...
Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows
Cybersecurity researchers have warned of an actively expanding botnet dubbed Tsundere that's targeting Windows users. Active since mid-2025, the threat is designed to execute arbitrary JavaScript code retrieved from a command-and-control C2 server, Kaspersky researcher Lisandro Ubiedo said in an...
EUVD-2025-179179
Malicious code in electron-pm2-toml-test npm...
Malicious code in zephyr-mongodb-wavefunction-pm2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb6455e842bfed2e45795b6fa4955bfa999151b2b9d2cf8678f31179f7a042f6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-179626
Malicious code in commitlint-resolvers-procyon-pm2 npm...
EUVD-2025-179522
Malicious code in cosmos-framework-gacrux-pm2 npm...
EUVD-2025-178841
Malicious code in foundation-rigel-pm2-foundation npm...
EUVD-2025-176962
Malicious code in proxima-hugo-pm2-phoebe npm...
EUVD-2025-179839
Malicious code in celeste-pm2-xerxes-kuiperbelt npm...
EUVD-2025-179560
Malicious code in corvus-biohacking-helmet-pm2 npm...
EUVD-2025-178613
Malicious code in halley-pm2-semantic-ui-commitlint-config-angular npm...
EUVD-2025-177963
Malicious code in mantle-galaxy-vuetify-pm2 npm...
EUVD-2025-177987
Malicious code in lyra-xanthus-csrf-pm2 npm...
Malicious code in leda-pm2-lacerta-speleology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a15f24a3383d0a2cf2d4910535b0e870d23aaadc1c90c54fe9c449020340802 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-177119
Malicious code in pm2-development-postcss-callback npm...
Malicious code in electron-pm2-toml-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f39fb8a9d75395b1785a187dc32fd7123d42ea214d0d3cd4f9526ff421b0a685 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-176076
Malicious code in tachyon-mesosphere-spinner-pm2 npm...
EUVD-2025-179972
Malicious code in brane-pm2-isostasy-jekyll npm...
EUVD-2025-175471
Malicious code in xo-helios-child-process-pm2 npm...
EUVD-2025-176225
Malicious code in standard-saturnology-webpack-pm2 npm...