79 matches found
Malicious code in @clausehq/flows-step-mqtt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55586de02f72931159b200d06ceacff4a40d50ee20e753335fffab62df93608c The package @clausehq/flows-step-mqtt was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191439 Malicious code in unadapter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 909f7edee5bdbb572f7a49086e9d07b3de659aba6eec46149d795293e66f6c1e The package unadapter was found to contain malicious code. Source: ghsa-malware 9a3296cbe10427af96d873c98d866b062f727dfdecd5873ed7bf0b5bb501cb40 Any...
Malicious code in @silgi/better-auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 528101596869077cdc065844f592e42299e9806c92d2b4f6f145ccd18194fdd5 The package @silgi/better-auth was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191311 Malicious code in @silgi/better-auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 528101596869077cdc065844f592e42299e9806c92d2b4f6f145ccd18194fdd5 The package @silgi/better-auth was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191416 Malicious code in rediff (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c86aaca91ce5f75365f233d2d0448fcfe25ce792ebc203487993fdbed70e5c68 The package rediff was found to contain malicious code. Source: ghsa-malware 6f58213ac5761ffaaca614a73e2f1b9927e9f4b25f9dc8b3f64258411281ce41 Any...
MAL-2025-191070 Malicious code in barebones-css (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a6b6723c24807a6fb2e90c2f5e0f7238e1a2c25e2602ab7f4ba4bb3d0f13efe The package barebones-css was found to contain malicious code. Source: ghsa-malware 32d179a02b1e407d2a71cf2912a7c87d6419900b71e13260889103a40736d0f6...
MAL-2025-190981 Malicious code in next-styled-nprogress (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73288a3937c0b6e5fe20c011142795ae2f436252a77e2ab6b24dabcdb9ab7dd5 The package next-styled-nprogress was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190974 Malicious code in jacob-zuma (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5046cda17d3d1de49e402cc9dbb860de629a5843d6ad27d2db95f626a280408 The package jacob-zuma was found to contain malicious code. Source: ghsa-malware 0aae0c8157adb8caf2d0af0aab7f402560e4489ff1f7f8b615bb7f79a23b3c1e Any...
MAL-2025-190818 Malicious code in @markvivanco/app-version-checker (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb3390637a7e3c1122d5f1f2417189358dec13936938bd997c1bf5949c1bb8dc The package @markvivanco/app-version-checker was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190706 Malicious code in @actbase/css-to-react-native-transform (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 19bb30e7704436db9e7ac671839931de450cdcde7408b8c151337c6958433836 The package @actbase/css-to-react-native-transform was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190763 Malicious code in @zapier/eslint-plugin-zapier (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4f3af0dfab295d120b932902816e065f092b48671909a971a2994cb3cb5afd6 The package @zapier/eslint-plugin-zapier was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190767 Malicious code in create-glee-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e5c0932871cd18a6f6a6b4dc800d53bb26dee4aa4d1ca50380eb529d8de49e31 The package create-glee-app was found to contain malicious code. Source: ghsa-malware e24413ea376e0b85679ffebea5b81417a76a0134b6cde174e7a183437326193...
MAL-2025-190757 Malicious code in @seung-ju/react-hooks (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4adf0b1f6ebc35246707044936c68dfe237eb92c6e65e24e87383fcfb2dbe55f The package @seung-ju/react-hooks was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190644 Malicious code in @posthog/ai (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a9a022b20b3025cb0846139ab6f2a1308025ed8ee902db18aacbfa95c6ea7e6 The package @posthog/ai was found to contain malicious code. Source: ghsa-malware 1e6a08419969270cca059f804bb3ec25aa0427f00ef555a9409c12d50921a83c An...
SUSE CVE-2025-40189
In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix lost EEPROM read timeout error-ETIMEDOUT in lan78xxreadraweeprom Syzbot reported read of uninitialized variable BUG with following call stack. lan78xx 8-1:1.0 unnamed netdevice uninitialized: EEPROM read...
EUVD-2025-150385
In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix lost EEPROM read timeout error-ETIMEDOUT in lan78xxreadraweeprom Syzbot reported read of uninitialized variable BUG with following call stack. lan78xx 8-1:1.0 unnamed netdevice uninitialized: EEPROM read...
MAL-2025-180163 Malicious code in teate-thy-sonic-apite (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2f40e756f16b7d507f8c5fc5de46016340bb7db0ae8a86fc0d069424b99df3b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps
A rapidly evolving Android spyware campaign called ClayRat has targeted users in Russia using a mix of Telegram channels and lookalike phishing websites by impersonating popular apps like WhatsApp, Google Photos, TikTok, and YouTube as lures to install them. "Once active, the spyware can exfiltra...
EUVD-2022-55575
Malicious code in bioql PyPI...
CVE-2023-53473 ext4: improve error handling from ext4_dirhash()
In the Linux kernel, the following vulnerability has been resolved: ext4: improve error handling from ext4dirhash The ext4dirhash will almost never fail, especially when the hash tree feature was first introduced. However, with the addition of support of encrypted, casefolded file names, that...