359 matches found
Malicious code in @malwguy/ecto-corsair-whisper-3d2a7c (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b95a5cb65b01f03aebc1ab713877cb963b5de2cb4ddc38c03cdb01a7e469144 On npm install, postinstall.js walks /, /app, /home, /opt, /root for files whose names match /flag|secret|env/i, reads their contents, scrapes...
Malicious code in @uipath/vertical-solutions-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 76957e857334423d0c1f4100218bb5856183968cc9475481adecdf97eac57796 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @atlan/connectors (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22a96e40cb459d89624b2ce0705942ad4d54d8279e780c66fe2d2fa3f727cef1 The package @atlan/connectors was found to contain malicious code. Source: ghsa-malware...
Malicious code in decode-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44106748430b9007ab9f143fb8ba25fdd44592016d53029e790975d65bbe5825 The package decode-sdk was found to contain malicious code. Source: ghsa-malware 2a2fc9cdfc8d668581e87f6da2c920cf8a1748aa191910ac5db053a46cbc2282 Any...
CVE-2019-18372
Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user...
EUVD-2014-4626
Malware in sbrugna...
EUVD-2019-12667
Malware in sbrugna...
Malicious code in shusnow (npm)
The package shusnow was found to contain malicious code...
MAL-2025-29670 Malicious code in priyectos (npm)
The package priyectos was found to contain malicious code...
Malicious code in isabel (npm)
The package isabel was found to contain malicious code...
MAL-2025-6682 Malicious code in epic-games-nav-share (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c5c0876d33c9155274a0eaba4f29d9351f9cfa32ddf6363ae74258d56185de63 Any computer that has this package installed or running should be considered...
MAL-2025-6357 Malicious code in @video-platform/react-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea452d0cbf0922cb64aa58841819736049f66b68af3431da448a1703d4261e6d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6382 Malicious code in webpack-server-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4670ee3b5e87d1f4c57be17f95c864d3412ab82f6f6388c35cacf173fce117c2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6369 Malicious code in proc-log-cmd (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ef3082ede726543b5e19f768b9c6630da020446b5902205ab679184c0cac0c03 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6367 Malicious code in notification-clients (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 23bcd1ac33ef0a2bf3c93c92420613bb1f50bfe66ca2893e94643ba662eeded6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6353 Malicious code in @kodane/patch-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b7695fde6cc3a35bd130bcdcc096ef89e7ce312c36cd9e0a15ec986d9f516873 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6343 Malicious code in storybook-core-core-server-presets-0 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c26c4c0005ab8afcf7090a2e281324e67b2250f8a69956e559c51775ec00efca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6233 Malicious code in dpsdatahub (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dbb97b44ee7e1364b992eae9dc31f497361866c14dada3334a4d21688978bb0d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6149 Malicious code in api-key-provider (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0a88a62f8ea00d632d4e82aaad35c4ba5fc30f8c8974e967235a721edb9df9c6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6150 Malicious code in apple-psh (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 041d9bb86cacaa2662e0692402d62b7779b1bac94c3aa30bd8f329fdbffba6eb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...