Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...

CVE-2014-0285

creationtimestamp| type| source ---|---|--- 2025-08-31 03:13:16+00:00| seen| MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57...

CVE-2025-0587

creationtimestamp| type| source ---|---|--- 2025-08-19 13:26:45+00:00| seen| MISP/e1f6260f-3311-441b-92ae-e04cd5eb5f72...

AsyncRAT's Open-Source Code Sparks Surge in Dangerous Malware Variants Across the Globe

Cybersecurity researchers have charted the evolution of a widely used remote access trojan called AsyncRAT , which was first released on GitHub in January 2019 and has since served as the foundation for several other variants. "AsyncRAT has cemented its place as a cornerstone of modern malware an...

CVE-2023-28904

creationtimestamp| type| source ---|---|--- 2025-06-28 15:55:09+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19813 2025-06-28 18:22:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsorjqkqoa2m...

Malicious code in dev-api-client (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 258921e8b616b5a24a74d27aabeedac0438ae3474367a670f6b8d4b3af7a6f26 Any computer that has this package installed or running should be considered...

Malicious code in poc-npm-hooks (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c566d52416b7be560224ad7d3f57924013882a6ee87a79754da4ba6f174c2106 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-45551

creationtimestamp| type| source ---|---|--- 2025-04-07 17:45:34+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10747 2025-08-09 17:25:38+00:00| seen| MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea 2025-09-10 07:00:42+00:00| seen| MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea...

CVE-2025-24452

creationtimestamp| type| source ---|---|--- 2025-03-12 04:43:10+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7279 2025-08-13 13:26:34+00:00| seen| MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868...

CVE-2025-2037

creationtimestamp| type| source ---|---|--- 2025-03-06 19:38:28+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6739 2025-03-06 22:12:22+00:00| seen| https://t.me/cvedetector/19737 2025-08-18 13:31:23+00:00| seen| MISP/4937e86f-f5bd-4d09-8bda-88a7440077f3 2025-08-19...

CVE-2025-1808

creationtimestamp| type| source ---|---|--- 2025-03-02 01:31:01+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6084 2025-03-02 02:30:38+00:00| published-proof-of-concept| Telegram/yqhHHpTMJThvOnMP9KSTnP0VqA7-wzWy3afb6m7cmgNDxD4 2025-03-02 04:23:54+00:00| seen|...

CVE-2025-1506

creationtimestamp| type| source ---|---|--- 2025-02-28 06:25:58+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5841 2025-02-28 09:29:57+00:00| seen| https://t.me/cvedetector/19126 2025-03-02 11:44:22+00:00| seen| Telegram/FmjrvzrqbmiA1PlFRQCdfDB6CUseSxyidILeiKPdIgQQymPN 2025-08-22...

CVE-2025-0759

creationtimestamp| type| source ---|---|--- 2025-02-27 15:29:31+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5687 2025-08-22 14:52:22+00:00| seen| MISP/24306fae-b16b-4478-9297-d2973cdb583c...

CVE-2025-1536

creationtimestamp| type| source ---|---|--- 2025-02-21 15:23:16+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/4906 2025-02-21 16:31:34+00:00| published-proof-of-concept| Telegram/tDCBdMcOgnZL82yA9NlC0UZrhiY4fZOvmxRMeD3Avyss0s 2025-02-21 18:06:07+00:00| seen|...

Malicious code in sample-nodejs-vsk-with-adm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 268548cd4032a80297c2f7fd9c2e1171027f9ecf4fabcb35debfb7c1fbc0cc13 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Developer Alert: NPM Packages for Node.js Hiding Dangerous TurkoRat Malware

Two malicious packages discovered in the npm package repository have been found to conceal an open source information stealer malware called TurkoRat. The packages – named nodejs-encrypt-agent and nodejs-cookie-proxy-agent – were collectively downloaded approximately 1,200 times and were availabl...

Malicious code in @mcm-schema/valaution-service (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7a80d202af499ca234ed5219bc2a6e5acc3581d10abfb940997a457a5d55b36e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...