Malicious code in aven_types (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0df68dd11fcc6eb930db59e54118c89a481c0d8db3d4db96ca7732ce04cc3bb2 The package aventypes was found to contain malicious code. Source: ghsa-malware d042da73509307cc87e2110ee9cbd8873cd35b4d5de30c65df0f8daf7e93f49a Any...

Malicious code in transform-typescript (npm)

The package 'transform-typescript' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

Malicious code in internallib_v355 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4dba9a4166fd959eea5357952f1ffba736b4e6c9176ddeff85e0aeb1592edef8 The package internallibv355 was found to contain malicious code. Source: ghsa-malware 41e49779a105339cef2addb161d2a79d3aa2e22201f862ba6c3ef2af1ab1ccd...

Malicious code in csv-parsing-xyz (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 363b0535fad3e1200b4ecbbcaf6864c57f005f66af100032426235146347282e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in internallib_v915 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3514c2a5f4c17fc8f3a153f8c5601c0308a3dded83b19b0b6a387943c2425178 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Linux Distros Unpatched Vulnerability : CVE-2024-47094

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p22, 2.2.0p37, 2.1.0p50 EOL causes remote site secrets to be written to...

Malicious code in keypress-win (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f954e50f0d90246c5d2855aca594a6179bc90df76259b2b657e357f06af6cb2c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Xerox Workplace Suite 安全漏洞

Xerox Workplace Suite is a powerful print management software from Xerox. A security vulnerability exists in Xerox Workplace Suite version 5.6.701.9, which originates from the return of plaintext secrets and plaintext remote system secrets...

Malicious code in arkime (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4e6853d07fc7ca8efb0ffc45302b6b677a4b83c2e2de0e773616d9009f9b0ad8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in cstar-react-primitives (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e5e17c124200806f9b8339c6fbbd82d8805a667b98f2f0e6822b6decbf5a26cb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in wg5 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad3d5b6f4d4166695b8f2fae57f74d9575339980a73c4c600b2ecdd9186c5124 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in testapp00009 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9fb396ef5f846069b4adb5738c3c1f69ea523ac3b4b516f1437304f6cdd35f69 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...