Malicious code in fusion-plugin-rosetta (npm)

The package fusion-plugin-rosetta was found to contain malicious code...

MAL-2025-21071 Malicious code in fusion-plugin-rosetta (npm)

The package fusion-plugin-rosetta was found to contain malicious code...

MAL-2025-5081 Malicious code in i2g-rosetta (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in i2g-rosetta (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-4614 Malicious code in rosetta-elements (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 223577bf445eef54d28cca3d3d2015b497b5c23838c938f2a48411440b05f614 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in rosetta-elements (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 223577bf445eef54d28cca3d3d2015b497b5c23838c938f2a48411440b05f614 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in rosetta-primitives (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 066c537cf24b296d35abde5f38191e4f60c82f7bd0583997251e70bdb2c21052 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4613 Malicious code in rosetta-primitives (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 066c537cf24b296d35abde5f38191e4f60c82f7bd0583997251e70bdb2c21052 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

jsii-rosetta (>=5.6.0 <=5.6.21-dev.13), jsii-srcmak (>=0.1.1300 <=0.1.1305) potentially affected by unknown CVE via jsii (=5.6.23)

jsii NPM version =5.6.23 is affected by a known vulnerability. The following packages have a transitive dependency on jsii and may be impacted: - jsii-rosetta =5.6.0, =0.1.1300, =0.1.1305 Source cves: unknown CVE Source advisory: OSV:GHSA-M56H-5XX3-2JC2...

jsii-rosetta (>=5.7.0 <=5.7.24-dev.9), jsii-srcmak (>=0.1.1306 <=0.1.1308) potentially affected by unknown CVE via jsii (=5.7.22)

jsii NPM version =5.7.22 is affected by a known vulnerability. The following packages have a transitive dependency on jsii and may be impacted: - jsii-rosetta =5.7.0, =0.1.1306, =0.1.1308 Source cves: unknown CVE Source advisory: OSV:GHSA-M56H-5XX3-2JC2...

rosettastone.eu Cross Site Scripting vulnerability OBB-3316901

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

rosetta-wt.at Cross Site Scripting vulnerability OBB-2435954

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Experts Detail Logging Tool of DanderSpritz Framework Used by Equation Group Hackers

Cybersecurity researchers have offered a detailed glimpse into a system called DoubleFeature that's dedicated to logging the different stages of post-exploitation stemming from the deployment of DanderSpritz, a full-featured malware framework used by the Equation Group. DanderSpritz came to light...

Apple Silicon Support on Insight Agent

We are pleased to announce the general availability of native support of Apple Silicon chips for the Rapid7 Insight Agent! The Insight Agent has been fully validated and tested to run on the new Apple Silicon systems natively, and does not require Rosetta 2 to install or operate. This ensures...

Mac Malware Targets Apple’s New M1 Processor

Three months after Apple launched its new M1 system-on-a-chip SoC, cybercriminals have developed what may be the first malicious macOS application targeting the mobile giant’s first in-house silicon. Click to Register The recently uncovered malicious application, called GoSearch22, natively runs ...

Rosetta-Flash JSONP Vulnerability in hapi

This description taken from the pull request provided by Patrick Kettner. Versions 6.1.0 and earlier of hapi are vulnerable to a rosetta-flash attack, which can be used by attackers to send data across domains and break the browser same-origin-policy. Recommendation - Update hapi to version 6.1.1...

GHSA-363H-VJ6Q-3CMJ Rosetta-Flash JSONP Vulnerability in hapi

This description taken from the pull request provided by Patrick Kettner. Versions 6.1.0 and earlier of hapi are vulnerable to a rosetta-flash attack, which can be used by attackers to send data across domains and break the browser same-origin-policy. Recommendation - Update hapi to version 6.1.1...

rosettastone.co.jp Open Redirect vulnerability

Vulnerable URL: https://www.rosettastone.co.jp/store/rst/enAU/RedirectToLandingPage/pgm.95708900?landingpage=http%3A%2F%2Fwww.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly...

Learn Languages: Rosetta Stone - Dangerous filesystem permissions, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application Learn Languages: Rosetta Stone published at the 'play' market has multiple vulnerabilities...

Rosetta-Flash JSONP Vulnerability

Overview This description taken from the pull request provided by Patrick Kettner. Versions 6.1.0 and earlier of hapi are vulnerable to a rosetta-flash attack, which can be used by attackers to send data across domains and break the browser same-origin-policy. Recommendation - Update hapi to...