94739 matches found
Researcher Drops New Windows Zero-Day PoC Hours After Microsoft Patch Tuesday
Security researcher Chaotic Eclipse aka Nightmare-Eclipse has released a new proof-of-concept PoC exploit called LegacyHive. It has been described as a Windows User Profile Service arbitrary hive load elevation of privileges vulnerability. The Windows User Profile Service, also referred to as...
vulnerable-web-app
vulnerable-web-app ⚠️ Intentionally vulnerable. A runna...
Exploit for Improper Authentication in Google Android
BT-HID-PoC — CVE-2023-45866 Interactive Wizard DISCLAIMER...
Compromised AsyncAPI npm Packages Deliver Multi-Stage Botnet Malware
Four compromised npm packages in the @asyncapi namespace have been observed distributing a multi-stage botnet loader, according to findings from OX Security, SafeDep, Socket, and StepSecurity. The affected packages are listed below - @asyncapi/[email protected]...
Exploit for Deserialization of Untrusted Data in Metabase
CVE-2026-59827 — Unsafe Deserialization of H2 Query Results in...
Malicious code in chain-as-log (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86f8946bf37a9861239e59a78f2d003612494061d5aa60c5f7e54379e72f0ac7 chain-as-log advertises itself as a chai plugin providing deep-equal-excluding assertion helpers. At plugin load time when a consumer calls...
MAL-2026-10668 Malicious code in chain-as-log (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86f8946bf37a9861239e59a78f2d003612494061d5aa60c5f7e54379e72f0ac7 chain-as-log advertises itself as a chai plugin providing deep-equal-excluding assertion helpers. At plugin load time when a consumer calls...
Malicious code in eslintcmd (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2cf4500fbbfc85f42275772210ace6efb69c5f90d9d0a5edd7c0c75fa271f0c3 The package's postinstall script scripts/install-check.cjs fetches a JSON config from https://slimopump.vercel.app/config/clob-math.json, downloads...
Malicious code in @sauruslord/libsignal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0c2cf2672d98396a7b66cb732741d269732f5faae72293ea46e06b879e7a45b Package name impersonates Open Whisper Systems' libsignal-node but ships unrelated code. On require of index.js, after a 1-second delay, install.js...
MAL-2026-10659 Malicious code in @sauruslord/libsignal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0c2cf2672d98396a7b66cb732741d269732f5faae72293ea46e06b879e7a45b Package name impersonates Open Whisper Systems' libsignal-node but ships unrelated code. On require of index.js, after a 1-second delay, install.js...
Malicious code in @debile/require-dir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3075732c05c8b941b57fed9e8fe9c788b28f9ff6fe9ef91936d1802f568c594e Package @debile/require-dir republishes the code of the well-known require-dir package under a different scope. Its package.json preinstall script ru...
MAL-2026-10654 Malicious code in @debile/require-dir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3075732c05c8b941b57fed9e8fe9c788b28f9ff6fe9ef91936d1802f568c594e Package @debile/require-dir republishes the code of the well-known require-dir package under a different scope. Its package.json preinstall script ru...
Malicious code in core-dotenv (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aad83962ee4db02c1bf43558ed5fe6bf79f66754b070415223d29643a8ff754e core-dotenv presents itself as a dotenv/env-var wrapper. On calling the package's config or get, which lazily invokes config, a worker plugin.worker....
MAL-2026-10631 Malicious code in core-dotenv (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aad83962ee4db02c1bf43558ed5fe6bf79f66754b070415223d29643a8ff754e core-dotenv presents itself as a dotenv/env-var wrapper. On calling the package's config or get, which lazily invokes config, a worker plugin.worker....
MAL-2026-10639 Malicious code in ogensec-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4acb9448e8289c41cb35a883074545d2a790b719104b2f7c9a99bfca3e3f64ff The package ships an Express middleware that, on each incoming request, POSTs appId, endpoint to a configured $baseUrl and interprets the response as...
Malicious code in ogensec-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4acb9448e8289c41cb35a883074545d2a790b719104b2f7c9a99bfca3e3f64ff The package ships an Express middleware that, on each incoming request, POSTs appId, endpoint to a configured $baseUrl and interprets the response as...
Malicious code in chai-as-byte (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6820ba756fd8d2eb81435c478feb269e34f2aea859e42b42861d0a28f914a1f On require of the package's main entry, index.js detaches a child process that runs lib/initializeCaller.js. That script posts the caller's entire...
MAL-2026-10630 Malicious code in chai-as-byte (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6820ba756fd8d2eb81435c478feb269e34f2aea859e42b42861d0a28f914a1f On require of the package's main entry, index.js detaches a child process that runs lib/initializeCaller.js. That script posts the caller's entire...
Malicious code in @sqlite-frame/nodesql (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b24506932cbd3f2258f2448b83918ba2acee09cd896467780f8b1dc18b9eb42 index.js is a near-verbatim copy of the upstream feross/buffer library with a single injected top-level statement var ins =...
MAL-2026-10627 Malicious code in @sqlite-frame/nodesql (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b24506932cbd3f2258f2448b83918ba2acee09cd896467780f8b1dc18b9eb42 index.js is a near-verbatim copy of the upstream feross/buffer library with a single injected top-level statement var ins =...