485 matches found
MAL-2026-1574 Malicious code in transform-spread (npm)
The package 'transform-spread' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms
Threat actors are luring unsuspecting users into running trojanized gaming utilities that are distributed via browsers and chat platforms to distribute a remote access trojan RAT. "A malicious downloader staged a portable Java runtime and executed a malicious Java archive JAR file named...
Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb
Cybersecurity researchers have disclosed details of a new cryptojacking campaign that uses pirated software bundles as lures to deploy a bespoke XMRig miner program on compromised hosts. "Analysis of the recovered dropper, persistence triggers, and mining payload reveals a sophisticated,...
CVE-2026-27121
svelte performance oriented web framework. Versions of svelte prior to 5.51.5 are vulnerable to cross-site scripting XSS during server-side rendering. When using spread syntax to render attributes from untrusted data, event handler properties are included in the rendered HTML output. If an...
CVE-2026-27121
svelte performance oriented web framework. Versions of svelte prior to 5.51.5 are vulnerable to cross-site scripting XSS during server-side rendering. When using spread syntax to render attributes from untrusted data, event handler properties are included in the rendered HTML output. If an...
CVE-2026-27121 Svelte affected by cross-site scripting via spread attributes in Svelte SSR
svelte performance oriented web framework. Versions of svelte prior to 5.51.5 are vulnerable to cross-site scripting XSS during server-side rendering. When using spread syntax to render attributes from untrusted data, event handler properties are included in the rendered HTML output. If an...
CVE-2026-27121 Svelte affected by cross-site scripting via spread attributes in Svelte SSR
svelte performance oriented web framework. Versions of svelte prior to 5.51.5 are vulnerable to cross-site scripting XSS during server-side rendering. When using spread syntax to render attributes from untrusted data, event handler properties are included in the rendered HTML output. If an...
CVE-2026-27121
Technical details for CVE-2026-27121 are not publicly available in the provided documents. Monitor for updates.
CVE-2026-27121 Svelte affected by cross-site scripting via spread attributes in Svelte SSR
svelte performance oriented web framework. Versions of svelte prior to 5.51.5 are vulnerable to cross-site scripting XSS during server-side rendering. When using spread syntax to render attributes from untrusted data, event handler properties are included in the rendered HTML output. If an...
Cross-site Scripting (XSS)
Overview svelte is a package for building web applications. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the spread syntax when rendering attributes from untrusted data during server-side rendering. An attacker can execute arbitrary JavaScript in the context of...
Cross-site Scripting (XSS)
Overview org.webjars.npm:svelte is a package for building web applications. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the spread syntax when rendering attributes from untrusted data during server-side rendering. An attacker can execute arbitrary JavaScript i...
Svelte affected by cross-site scripting via spread attributes in Svelte SSR
Versions of svelte prior to 5.51.5 are vulnerable to cross-site scripting XSS during server-side rendering. When using spread syntax to render attributes from untrusted data, event handler properties are included in the rendered HTML output. If an application spreads user-controlled or external...
GHSA-F7GR-6P89-R883 Svelte affected by cross-site scripting via spread attributes in Svelte SSR
Versions of svelte prior to 5.51.5 are vulnerable to cross-site scripting XSS during server-side rendering. When using spread syntax to render attributes from untrusted data, event handler properties are included in the rendered HTML output. If an application spreads user-controlled or external...
Technical Deep Dive: The Monero Mining Campaign
Technical Deep Dive: The Monero Mining Campaign By Aswath A · February 17, 2026 Executive summary In the contemporary threat landscape, while ransomware grabs headlines with high-impact disruptions, cryptojacking operations have quietly evolved into sophisticated, persistent threats. This report...
How to Protect Your iPhone or Android Device From Spyware
Being targeted by sophisticated spyware is relatively rare, but experts say that everyone needs to stay vigilant as this dangerous malware continues to proliferate worldwide...
Shai-Hulud 2.0 Aftermath: Trends, Victimology and Impact
A deeper look at the Shai-Hulud 2.0 supply chain attack: reviewing the infection spread, victimology, leaked secrets distribution, and community response so far...
MAL-2025-191252 Malicious code in @oku-ui/checkbox (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85b761a46dff9ea0ec6705cfe75221ceb7a3adeac0b4a2954618b3b069db3824 The package @oku-ui/checkbox was found to contain malicious code. Source: google-open-source-security...
Malicious code in @voiceflow/prettier-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d559f73440d8fdf3f6f155244ce54b5d8d829700d5780778a26f0ac94fb5b59e The package @voiceflow/prettier-config was found to contain malicious code. Source: ghsa-malware...
Malicious code in @voiceflow/nestjs-rate-limit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a0dac1431983489842c368c5db298d65dc30278340ee47cf01c5fb3fc2f178b The package @voiceflow/nestjs-rate-limit was found to contain malicious code. Source: google-open-source-security...
Malicious code in @oku-ui/dismissable-layer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e3f3fce07b25fef3b52f9f9cccfdaa44fd55e8721c6d7c287e1fbd9379359f0 The package @oku-ui/dismissable-layer was found to contain malicious code. Source: google-open-source-security...