MAL-2026-6197 Malicious code in new-ecro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7492a140547cea0957bc705d365e19806091462a249c3d5c90b6bfe91e8431c7 Package 'new-ecro' impersonates the legitimate 'big.js' library: it copies big.js's README, source, version banner 'big.js v7.0.1', author email, and...

Typosquatted npm packages used to steal cloud and CI/CD secrets

In this article 1. Attack chain overview 1. The lure: typosquats and spoofed metadata 2. Execution: npm lifecycle hook abuse 3. Gen-1 stager: HTTP C2 beacon and payload drop 4. Gen-2 stager: abusing the legitimate Bun runtime as a loader 5. Credential theft 6. Impact and blast radius 2. Mitigatio...

Directory traversal

Directory traversal vulnerability in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 aka TIA portal; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is...

CVE-2011-4513

Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 aka TIA portal; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allow user-assisted remote attackers to execute arbitrary code via a crafted project file,...

CVE-2011-4513

CVE-2011-4513 affects Siemens WinCC Flexible (2004–2008), WinCC V11 (TIA Portal), SIMATIC HMI panels (TP/OP/MP/Comfort/Mobile), and WinCC Runtime Advanced/Flexible Runtime. The vulnerability allows user-assisted remote attackers to execute arbitrary code via a crafted project file, related to the...