Lucene search
K

30 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/30 12:0 a.m.20 views

Malicious code in log-taker1 (npm)

Malicious npm package published as part of a coordinated DeFi-themed infostealer campaign. log-taker1 embeds a full infostealer 2800 lines directly in index.js, executed at install time via postinstall: node test.js. The payload harvests cryptocurrency wallet vaults MetaMask, Phantom, Solflare,...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/30 12:0 a.m.8 views

Malicious code in thirdwb (npm)

Malicious npm package published as part of a coordinated DeFi-themed infostealer campaign. thirdwb is a typosquat of the legitimate thirdweb package. It uses a side-loader technique, pulling in log-taker as a transitive dependency; the infostealer runs automatically via that dependency's...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/30 12:0 a.m.9 views

Malicious code in console-fmt-cli (npm)

Malicious npm package published as part of a coordinated DeFi-themed infostealer campaign. console-fmt-cli uses a side-loader technique: it declares decimal-format-core =3.0 as a dependency, which contains a dropper that executes at install time via a postinstall hook. The dropper fetches a...

6.3AI score
Exploits0References12
OSV
OSV
added 2026/06/30 12:0 a.m.5 views

MAL-2026-6692 Malicious code in polymarket-trading-developer-tools (npm)

Malicious npm package published as part of a coordinated DeFi-themed infostealer campaign targeting Polymarket developers. polymarket-trading-developer-tools uses a dropper technique: a postinstall hook downloads configuration from pm-trading-dev-tools-be.vercel.app and exfiltrates data to the...

6AI score
Exploits0References3
OSV
OSV
added 2026/06/23 4:11 p.m.7 views

MAL-2026-6317 Malicious code in ts-bn-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e591f0b407bc22e3abe20da9207df2d2922f75d98ab97aaa62557ca88b8fc349 [email protected] is a credential harvester disguised as a TypeScript/lint utility. index.js defines decodeStr which base64-decodes all operationally...

5.9AI score
Exploits0References2
OSV
OSV
added 2026/06/19 3:59 a.m.9 views

MAL-2026-6187 Malicious code in eslint-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5802f88a31cfb1c54196395aa04377de1c98657cdd78f59e4a595f2913239301 Package masquerades as an ESLint utility but contains no lint-related code. The exported fromstr recursively walks process.cwd searching for...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:59 a.m.12 views

Malicious code in eslint-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5802f88a31cfb1c54196395aa04377de1c98657cdd78f59e4a595f2913239301 Package masquerades as an ESLint utility but contains no lint-related code. The exported fromstr recursively walks process.cwd searching for...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 5:4 p.m.17 views

Malicious code in scan-only (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a7779ff21d9783e1026e13a7abf65e448c5f3d3d111f3cae539f3690e53a2b4 The CLI binary at bin/scan-only.js, when invoked e.g., via npx scan-only --diagnose, harvests installer-side secrets and ships them to a hardcoded...

6.1AI score
Exploits0References14
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/08 7:20 p.m.16 views

Malicious code in nerfstudio-gs (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68238d06ff6ba3548296464666c6d1390341e99d19ee053f7b36170a5e266d71 No suspicious behaviors were observed in this package version. No install-time network activity, no credential or environment scraping, no obfuscated...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/15 6:37 p.m.21 views

Malicious code in forge-jsx (npm)

forge-jsx is a malicious npm package that impersonates an Autodesk Forge SDK. It was published as a fully-formed RAT from its first version on April 7, 2026. Installing the package on any non-CI machine deploys a persistent background agent that captures all keystrokes, monitors clipboard content...

5.9AI score
Exploits0References2
OSV
OSV
added 2026/04/15 6:37 p.m.9 views

MAL-2026-2884 Malicious code in forge-jsx (npm)

forge-jsx is a malicious npm package that impersonates an Autodesk Forge SDK. It was published as a fully-formed RAT from its first version on April 7, 2026. Installing the package on any non-CI machine deploys a persistent background agent that captures all keystrokes, monitors clipboard content...

5.9AI score
Exploits0References2
The Hacker News
The Hacker News
added 2026/04/02 7:30 p.m.18 views

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services AWS secrets, shell command history, Stripe API keys, and GitHub tokens at scale. Cisco Talos...

10CVSS7.2AI score0.99562EPSS
Exploits374
Fedora
Fedora
added 2026/02/11 12:59 a.m.9 views

[SECURITY] Fedora 42 Update: atuin-18.6.1-10.fc42

Atuin replaces your existing shell history with a SQLite database, and records additional context for your commands. Additionally, it provides optional and fully encrypted synchronization of your history between machines, via an Atuin server...

7.5CVSS5.5AI score0.00443EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2026/02/09 9:29 p.m.4 views

CVE-2026-25918 unity-cli Exposes Plaintext Credentials in Debug Logs (sign-package command)

unity-cli is a command line utility for the Unity Game Engine. Prior to 1.8.2 , the sign-package command in @rage-against-the-pixel/unity-cli logs sensitive credentials in plaintext when the --verbose flag is used. Command-line arguments including --email and --password are output via...

5.9CVSS5.6AI score0.00132EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.18 views

EUVD-2014-3066

Malware in sbrugna...

2.1CVSS6.4AI score0.00318EPSS
Exploits0References2
Fedora
Fedora
added 2025/06/25 1:43 a.m.11 views

[SECURITY] Fedora 41 Update: atuin-18.3.0-4.fc41

Atuin replaces your existing shell history with a SQLite database, and records additional context for your commands. Additionally, it provides optional and fully encrypted synchronization of your history between machines, via an Atuin server...

8.8CVSS7.4AI score0.00484EPSS
Exploits1
Fedora
Fedora
added 2025/06/25 1:19 a.m.8 views

[SECURITY] Fedora 42 Update: atuin-18.3.0-4.fc42

Atuin replaces your existing shell history with a SQLite database, and records additional context for your commands. Additionally, it provides optional and fully encrypted synchronization of your history between machines, via an Atuin server...

8.8CVSS7.4AI score0.00484EPSS
Exploits1
Snyk
Snyk
added 2025/03/01 6:33 a.m.8 views

Insertion of Sensitive Information into Log File

Overview kuzu is an An in-process property graph database management system built for query speed and scalability. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in cli workflow. Confidential information such as s3secretaccesskey is cached in...

5.1CVSS6.7AI score
Exploits0References3
Snyk
Snyk
added 2025/03/01 6:33 a.m.4 views

Insertion of Sensitive Information into Log File

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in cli workflow. Confidential information such as s3secretaccesskey is cached in shell history. Remediation Upgrade com.kuzudb:kuzu to version 0.8.2 or higher. References - GitHub Commit ...

5.1CVSS6.7AI score
Exploits0References3
Snyk
Snyk
added 2025/03/01 6:33 a.m.5 views

Insertion of Sensitive Information into Log File

Overview kuzu is an An in-process property graph database management system built for query speed and scalability. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in cli workflow. Confidential information such as s3secretaccesskey is cached in...

5.1CVSS6.7AI score
Exploits0References3
Rows per page
Query Builder