Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

Github Security Blog
Github Security Blogadded 2025/08/27 4:42 p.m.11 views

Malicious versions of Nx were published

Summary Malicious versions of the nx package, as well as some supporting plugin packages, were published to npm, containing code that scans the file system, collects credentials, and posts them to GitHub as a repo under user's accounts. Immediate Actions Required For all users, check if you were...

9.6CVSS7.8AI score0.00527EPSS
Exploits0References13Affected Software8
Snyk
Snykadded 2025/08/27 1:12 a.m.2 views

Embeded Malicious Code

Overview @nx/enterprise-cloud is a part of the Nx Powerpack extensions for Nx. This plugin is specific to Nx Enterprise Cloud workspaces. Affected versions of this package are vulnerable to Embeded Malicious Code through a malicious postinstall script that triggers a file named telemetry.js. A...

9.8CVSS7.1AI score0.00527EPSS
Exploits0References2
Rows per page
Query Builder