Lucene search
K

35 matches found

Snyk
Snyk
added 2026/06/02 9:0 p.m.10 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that hides inside binary executable files triggered by a postinstall script. IronWorm is a sophisticated, Rust-based infostealer that functions as a self-replicating supply-chain attack. Its primary characteristi...

9.8CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2026/05/19 12:0 a.m.6 views

MAL-2026-4021 Malicious code in @antv/gpt-vis-ssr (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.10 views

Malicious code in @antv/g-plugin-webgl-device (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/05/19 12:0 a.m.10 views

MAL-2026-3956 Malicious code in @antv/g-plugin-webgl-renderer (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/05/19 12:0 a.m.19 views

MAL-2026-3932 Malicious code in @antv/g-plugin-a11y (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSV
OSV
added 2026/05/19 12:0 a.m.11 views

MAL-2026-3854 Malicious code in @antv/ava-react (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSV
OSV
added 2026/05/19 12:0 a.m.10 views

MAL-2026-4145 Malicious code in lint-md-cli (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
Snyk
Snyk
added 2026/05/18 9:0 p.m.11 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...

9.8CVSS5.9AI score
Exploits0References2
OSV
OSV
added 2026/05/14 7:25 p.m.11 views

MAL-2026-3762 Malicious code in exxpress-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 378e423b00c08a371fbae1c77360685d2277e502e9875caa53fb20f58a39f396 The package name exxpress-tool is a one-character edit of the widely-used express package. On npm install, the declared scripts.postinstall runs...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/04/03 7:5 p.m.3 views

MAL-2026-2480 Malicious code in strapi-plugin-nordica-vhost (npm)

strapi-plugin-nordica-vhost is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network...

6AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/12 12:0 a.m.5 views

PT-2026-7971

Ivanti EPM vulnerabilities are just 'sus' - remote attackers can steal secrets in CVE-2026-1604 updated. ivanti epm cybersecurity vulnerabilities https://t.co/mWhvL25Pqz...

5.5AI score
Exploits0References1
The Hacker News
The Hacker News
added 2025/12/01 12:47 p.m.18 views

⚡ Weekly Recap: Hot CVEs, npm Worm Returns, Firefox RCE, M365 Email Raid & More

Hackers aren't kicking down the door anymore. They just use the same tools we use every day — code packages, cloud accounts, email, chat, phones, and "trusted" partners — and turn them against us. One bad download can leak your keys. One weak vendor can expose many customers at once. One guest...

9.8CVSS10AI score0.99962EPSS
Exploits26
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 11:35 p.m.6 views

Malicious code in @dev-blinq/cucumber_client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db4a451970465311f6a1d2b9ac8b4713f2f4ff114aa37c12dd0daff6032c8ab6 The package @dev-blinq/cucumberclient was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSV
OSV
added 2025/11/24 10:36 p.m.4 views

MAL-2025-191099 Malicious code in fuzzy-finder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebe54886101432e7b0f5fad8d751ca5493bfe6f8e067ab2010ef1a8aaa4cf435 The package fuzzy-finder was found to contain malicious code. Source: ghsa-malware b064e69feb20e776021d6962b2b92236a4dbe803610364feb603e47595cc2473 A...

6.8AI score
Exploits0References4
OSV
OSV
added 2025/11/24 1:43 p.m.4 views

MAL-2025-190772 Malicious code in eslint-config-zeallat-base (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b28fe7c28614bd60fe323d92db35df502ed3c1c9076a708815031e1a78311c6e The package eslint-config-zeallat-base was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
OSV
OSV
added 2025/11/24 1:32 p.m.3 views

MAL-2025-190723 Malicious code in @ensdomains/ccip-read-dns-gateway (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ddc155befe014da7ce46a7c122655187ecfb495a9af39726b73de5be9ad4f8c The package @ensdomains/ccip-read-dns-gateway was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/10 1:34 p.m.4 views

Malicious code in @js-to-lua/fast-follow-commands (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df9453e1ee97636a2ab1a62d9eed556436a2d9c1cd5a551571468cbe3d4e4d93 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/03/19 12:0 a.m.5 views

PT-2025-11994

Name of the Vulnerable Software and Affected Versions LangChain Core affected versions not specified Description A serious flaw exists in LangChain Core that allows attackers to steal secrets through serialization injection. This impacts applications utilizing LangChain’s serialization features...

6.4AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/18 12:0 a.m.6 views

PT-2024-5028 · Unknown +2 · Jumpserver +2

Name of the Vulnerable Software and Affected Versions: JumpServer versions prior to 3.10.12 JumpServer versions prior to 4.0.0 Description: The issue is related to the JumpServer Privileged Access Management PAM tool, which provides secure access to various endpoints through a web browser. An...

10CVSS9.9AI score0.01272EPSS
Exploits0References12
CVE
CVE
added 2024/06/19 12:0 a.m.54 views

CVE-2024-36677

The CVE-2024-36677 affects Weblir’s PrestaShop module Login as customer PRO (versions

7.5CVSS6.9AI score0.00379EPSS
Exploits0References1
Rows per page
Query Builder