Lucene search

14 matches found

OSV
added 2026/05/25 3:12 p.m. | 16 views

MAL-2026-4707 Malicious code in vue-compiler-sfc-plugin (npm)

Source: amazon-inspector c320320435358c109567ef3776ced079a2196b831b583b66c87323ddf402bae9
Package name and README impersonate the official @vue/compiler-sfc package; index.js merely re-exports it. The npm postinstall hook runs...

AI score: 6.1
Exploits: 0 | References: 2
OSV
added 2026/04/03 7:5 p.m. | 4 views

MAL-2026-2472 Malicious code in strapi-plugin-nordica-api (npm)

strapi-plugin-nordica-api is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network...

AI score: 6
Exploits: 0 | References: 2
The Hacker News
added 2023/08/24 11:24 a.m. | 32 views

New "Whiffy Recon" Malware Triangulates Infected Device Location via Wi-Fi Every Minute

The SmokeLoader malware is being used to deliver a new Wi-Fi scanning malware strain called Whiffy Recon on compromised Windows machines. "The new malware strain has only one operation. Every 60 seconds it triangulates the infected systems' positions by scanning nearby Wi-Fi access points as a da...

AI score: 6.8
Exploits: 0
The Hacker News
added 2022/03/21 7:15 a.m. | 44 views

South Korean DarkHotel Hackers Targeted Luxury Hotels in Macau

Luxury hotels in the Chinese special administrative region of Macau were the target of a malicious spear-phishing campaign from the second half of November 2021 and through mid-January 2022. Cybersecurity firm Trellix attributed the campaign with moderate confidence to a suspected South Korean...

AI score: 0.4
Exploits: 0
The Hacker News
added 2021/08/20 3:44 p.m. | 30 views

ShadowPad Malware is Becoming a Favorite Choice of Chinese Espionage Groups

ShadowPad, an infamous Windows backdoor that allows attackers to download further malicious modules or steal data, has been put to use by five different Chinese threat clusters since 2017. "The adoption of ShadowPad significantly reduces the costs of development and maintenance for threat actors,...

AI score: 1.7
Exploits: 0
The Hacker News
added 2021/07/22 10:38 a.m. | 42 views

APT Hackers Distributed Android Trojan via Syrian e-Government Portal

An advanced persistent threat (APT) actor has been tracked in a new campaign deploying Android malware via the Syrian e-Government Web Portal, indicating an upgraded arsenal designed to compromise victims. "To the best of our knowledge, this is the first time that the group has been publicly observ...

AI score: 0.6
Exploits: 0
ThreatPost
added 2020/04/06 3:55 p.m. | 91 views

Government VPN Servers Targeted in Zero-Day Attack

As the Chinese government turns to virtual private networks (VPNs) to provide access to official resources for those working remotely amid the COVID-19 pandemic, the DarkHotel APT has seized the opportunity to target those VPNs in a zero-day attack, researchers said. According to security analysts...

AI score: 0.9
Exploits: 0 | References: 14
Richard Bejtlich's blog
added 2018/10/05 10:0 p.m. | 71 views

Network Security Monitoring vs Supply Chain Backdoors

On October 4, 2018, Bloomberg published a story titled “The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies,” with a subtitle “The attack by Chinese spies reached almost 30 U.S. companies, including Amazon and Apple, by compromising America’s technology supply chain, according t...

AI score: 0.1
Exploits: 0
The Hacker News
added 2018/03/09 9:4 p.m. | 30 views

APT Hackers Infect Routers to Covertly Implant Slingshot Spying Malware

Security researchers at Kaspersky have identified a sophisticated APT hacking group that has been operating since at least 2012 without being noticed due to their complex and clever hacking techniques. The hacking group used a piece of advanced malware—dubbed Slingshot—to infect hundreds of...

AI score: 7.2
Exploits: 0
The Hacker News
added 2017/05/29 3:14 a.m. | 24 views

Judy Android Malware Infects Over 36.5 Million Google Play Store Users

Security researchers have claimed to have discovered possibly the largest malware campaign on Google Play Store that has already infected around 36.5 million Android devices with malicious ad-click software. The security firm Checkpoint on Thursday published a blog post revealing more than 41...

AI score: 7.2
Exploits: 0
FireEye
added 2016/06/14 8:0 a.m. | 10 views

Pwned by Vpon

Vpon is one of many mobile ad SDKs marketed towards mainland Chinese and Taiwanese developers and app users. Recently, FireEye mobile security researchers identified a branch of Vpon ad SDK on iOS containing code that allows a malicious actor (be it the app developer or the SDK creator) to remotely...

AI score: 7
Exploits: 0
ThreatPost
added 2012/05/23 7:12 p.m. | 37 views

Months After A Patch, Targeted Attacks Still Using Adobe Flash Bug

More than three months after it was patched, attackers are still using a vulnerability in Adobe’s Flash product in targeted, ‘APT-style’ attacks. The vulnerability, identified as CVE-2012-0754, was patched in February and linked to targeted attacks weeks later. But new attacks targeting unpatched...

CVSS: 10 | AI score: 2.3 | EPSS: 0.9203
Exploits: 11 | References: 4
ThreatPost
added 2012/05/02 3:36 p.m. | 10 views

New Malware Found Exploiting Mac OS X Snow Leopard

Many Mac users recently have found themselves stumbling out of the darkness, shielding their eyes from the spotlight that attackers and malware writers are now shining on them. Malware having been a rarity on OS X, it’s taking some time to adjust, but while that’s happening the attackers are busy...

AI score: 0.7
Exploits: 0 | References: 1
ThreatPost
added 2012/01/31 5:5 p.m. | 27 views

Ongoing Targeted Attack Campaign Going After Defense, Aerospace Industries

Researchers have identified a strain of malware that’s being used in a string of targeted attacks against defense contractors, government agencies and other organizations by leveraging exploits against zero-day vulnerabilities. The attacks may have been going on since 2009 in some form and the...

CVSS: 9.3 | AI score: 0.8 | EPSS: 0.82485
Exploits: 13 | References: 4