605 matches found
⚡ Weekly Recap: Hot CVEs, npm Worm Returns, Firefox RCE, M365 Email Raid & More
Hackers aren't kicking down the door anymore. They just use the same tools we use every day — code packages, cloud accounts, email, chat, phones, and "trusted" partners — and turn them against us. One bad download can leak your keys. One weak vendor can expose many customers at once. One guest...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The package was flagged as malicious during the Sha1-hulud supply chain attack. Although the Sha1-hulud IoCs are not present within the package, the contents of the affected version were removed from the officia...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The package was flagged as malicious during the Sha1-hulud supply chain attack. Although the Sha1-hulud IoCs are not present within the package, the contents of the affected version were removed from the officia...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The package was flagged as malicious during the Sha1-hulud supply chain attack. Although the Sha1-hulud IoCs are not present within the package, the contents of the affected version were removed from the officia...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The package was flagged as malicious during the Sha1-hulud supply chain attack. Although the Sha1-hulud IoCs are not present within the package, the contents of the affected version were removed from the officia...
Malicious code in @lokeswari-satyanarayanan/rn-zustand-expo-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73fe3bd99e2f11ab8bb09a9086c4dca8af56372031492ed11d90f1e32a0e8f53 The package @lokeswari-satyanarayanan/rn-zustand-expo-template was found to contain malicious code. Source: google-open-source-security...
Malicious code in @voiceflow/circleci-config-sdk-orb-import (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93fddfa88f30512d04aa154c955befc6e560cd4a1600f731643caf20e799e5c8 The package @voiceflow/circleci-config-sdk-orb-import was found to contain malicious code. Source: google-open-source-security...
Malicious code in @dev-blinq/ui-systems (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ce530512b608913637db50ce0058d08d5afb8173c8b5968023c9b9665bcde49 The package @dev-blinq/ui-systems was found to contain malicious code. Source: ghsa-malware...
Malicious code in @oku-ui/tooltip (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a877d67aa9ecc5ce75cbb742bfc5ec14376ac9423b13080e69cda80ce1f536e1 The package @oku-ui/tooltip was found to contain malicious code. Source: google-open-source-security...
Malicious code in posthog-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b422f278bf27e062b349e97360b6919e773122f21656f23d6da583ce7cb1a92 The package posthog-js was found to contain malicious code. Source: google-open-source-security...
Malicious code in @voiceflow/alexa-types (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2a57c4900c522a4ebbd888c0fac2f59b4f5078a7fd20a124d4b46f6329b5161 The package @voiceflow/alexa-types was found to contain malicious code. Source: ghsa-malware...
Malicious code in @huntersofbook/core-nuxt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55edac19ed06e3c91521ad4302f6089a2c2443807f93bf209a4e111a86a09b3a The package @huntersofbook/core-nuxt was found to contain malicious code. Source: google-open-source-security...
Malicious code in @oku-ui/alert-dialog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 824a69f83431a766f681bc72d705ff3b28ae9309898b4ad10979adca148f2276 The package @oku-ui/alert-dialog was found to contain malicious code. Source: google-open-source-security...
Malicious code in @oku-ui/arrow (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 085e9cbdb891d5b550a81a42584b1cdd8ab001a9443b162158aa633ce18b1e06 The package @oku-ui/arrow was found to contain malicious code. Source: google-open-source-security...
Malicious code in @oku-ui/collection (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 881324e8071cf3faabccf492103c5280af893332c6a40845e781826209b86b0f The package @oku-ui/collection was found to contain malicious code. Source: google-open-source-security...
Malicious code in @oku-ui/motion-nuxt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f92b87caa59206174882fe75cd77964bc3f31b824958a07a22210e50eeb21ac9 The package @oku-ui/motion-nuxt was found to contain malicious code. Source: google-open-source-security...
Malicious code in @oku-ui/portal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0711033d654f75b42d8959721555bcf5aa5fb766ccc12b6e89c56eef0d8cafd The package @oku-ui/portal was found to contain malicious code. Source: google-open-source-security...
Malicious code in @oku-ui/presence (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ccfe3cd227dfd52c2a7bb6d2c15fc511a5d1baab2eb3378960905005e421b9a The package @oku-ui/presence was found to contain malicious code. Source: google-open-source-security...
Malicious code in @oku-ui/switch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 740a6698034fbce630b1da1ce44728782b3f71faffd3ee2801c45b6a3f9e6f7e The package @oku-ui/switch was found to contain malicious code. Source: google-open-source-security...
Malicious code in @posthog/laudspeaker-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d44feed9d3d00b551ce5d190d7fba454ffbe5757b5a52eeb4c765bf70543d88c The package @posthog/laudspeaker-plugin was found to contain malicious code. Source: google-open-source-security...