Lucene search
K

485 matches found

The Hacker News
The Hacker News
added 2026/05/07 5:45 p.m.13 views

PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems

Cybersecurity researchers have disclosed details of a new credential theft framework dubbed PCPJack that targets exposed cloud infrastructure and ousts any artifacts linked to TeamPCP from the environments. "The toolset harvests credentials from cloud, container, developer, productivity, and...

5.8AI score
Exploits0
OSV
OSV
added 2026/04/30 4:53 p.m.8 views

MAL-2026-3201 Malicious code in lightning (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 703ac419d775488be137d7e01517d768da0b5581ab63338fb9523f2289f2b92c Versions 2.6.2, 2.6.3 were compromised. Compromised versions contain injected code that starts automatically during importing the module, downloads legitimate...

5.5AI score
Exploits0References5
Trend Micro Simply Security
Trend Micro Simply Security
added 2026/04/21 12:0 a.m.25 views

Void Dokkaebi Uses Fake Job Interview Lure to Spread Malware via Code Repositories

Our research on Void Dokkaebi’s operations uncovered a campaign that turns infected developer repositories into malware delivery channels. By spreading through trusted workflows, organizational codebases, and open-source projects, the threat can scale from a single compromise to a broader supply...

5.8AI score
Exploits0
HackRead
HackRead
added 2026/04/10 4:55 p.m.2 views

GraphAlgo Scam: Lazarus Hackers Register Real US LLCs to Spread Malware

ReversingLabs has discovered a fresh wave of the graphalgo campaign in which North Korean Lazarus hackers are using fake Florida LLCs, mimicking SWFT Blockchain, and using GitHub typo-squatting to target developers with malware...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/08 4:19 a.m.9 views

Malicious code in @fairwords/loopback-connector-es (npm)

The @fairwords/loopback-connector-es package was compromised as part of the TeamPCP/CanisterWorm campaign. A postinstall hook executes node scripts/check-env.js || true which performs multi-stage credential harvesting, encrypted exfiltration, and self-propagation. The payload harvests 40+...

5.8AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/07 11:1 p.m.5 views

CVE-2026-35209

defu is software that allows uers to assign default properties recursively. Prior to version 6.1.5, applications that pass unsanitized user input e.g. parsed JSON request bodies, database records, or config files from untrusted sources as the first argument to defu are vulnerable to prototype...

7.5CVSS5.9AI score0.00398EPSS
Exploits0References1
NVD
NVD
added 2026/04/06 6:16 p.m.34 views

CVE-2026-35209

defu is software that allows uers to assign default properties recursively. Prior to version 6.1.5, applications that pass unsanitized user input e.g. parsed JSON request bodies, database records, or config files from untrusted sources as the first argument to defu are vulnerable to prototype...

7.5CVSS0.00398EPSS
Exploits0References4
CVE
CVE
added 2026/04/06 5:26 p.m.49 views

CVE-2026-35209

CVE-2026-35209 affects defu, a recursive defaults merger. Before v6.1.5, the vulnerable code path uses Object.assign({}, defaults) in _defu, which can trigger the proto setter and pollute the Object prototype, allowing attacker-controlled values to appear in the final result. The vulnerability ar...

7.5CVSS5.9AI score0.00398EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/04/04 6:17 a.m.3 views

GHSA-737V-MQG7-C878 defu: Prototype pollution via `__proto__` key in defaults argument

Impact Applications that pass unsanitized user input e.g. parsed JSON request bodies, database records, or config files from untrusted sources as the first argument to defu are vulnerable to prototype pollution. A crafted payload containing a proto key can override intended default values in the...

7.5CVSS5.9AI score0.00398EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/04/04 6:17 a.m.14 views

defu: Prototype pollution via `__proto__` key in defaults argument

Impact Applications that pass unsanitized user input e.g. parsed JSON request bodies, database records, or config files from untrusted sources as the first argument to defu are vulnerable to prototype pollution. A crafted payload containing a proto key can override intended default values in the...

7.5CVSS5.9AI score0.00398EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/04 12:0 a.m.5 views

PT-2026-30321

Name of the Vulnerable Software and Affected Versions defu versions prior to 6.1.5 Description Applications using the defu software are susceptible to prototype pollution when processing unsanitized user input, such as parsed JSON request bodies, database records, or config files from untrusted...

7.5CVSS5.9AI score0.00398EPSS
Exploits0References136
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/26 12:33 a.m.5 views

Malicious code in @emilgroup/setting-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 679e8996c56ffd334a5fd610afb087430e91e54ef7371e70ba8ce6170b3b9cf9 The package @emilgroup/setting-sdk was found to contain malicious code. Source: google-open-source-security...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/26 12:33 a.m.7 views

Malicious code in @emilgroup/process-manager-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c387184509fe5ed2657f553bc35f51353adfe2f37b6b1a4817cec868cb653cf The package @emilgroup/process-manager-sdk was found to contain malicious code. Source: google-open-source-security...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/26 12:33 a.m.8 views

Malicious code in @emilgroup/commission-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88cda98ba417752b6bf4aef7eb0ecf7410017226165423202ca4d5886f370478 The package @emilgroup/commission-sdk was found to contain malicious code. Source: google-open-source-security...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/26 12:33 a.m.9 views

Malicious code in @emilgroup/process-manager-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc09d1561452ec50af226b10199a75b846e64e16ccbd9ff7757bf0e4a769d0c2 The package @emilgroup/process-manager-sdk-node was found to contain malicious code. Source: google-open-source-security...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/03/26 12:33 a.m.3 views

MAL-2026-2204 Malicious code in @emilgroup/numbergenerator-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb683bd2b58170dd475a632d83ded202109e3d58609bbc2952c83baa19c6f3b3 The package @emilgroup/numbergenerator-sdk-node was found to contain malicious code. Source: google-open-source-security...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/03/26 12:33 a.m.4 views

MAL-2026-2211 Malicious code in @opengov/form-renderer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6c8cb05cb54fe0f2f81f0c9a5ff43f2c4a45ab0fa31bcc1d1cade080e731c3d The package @opengov/form-renderer was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/16 12:0 a.m.10 views

Malicious code in transform-es2015-spread (npm)

The package 'transform-es2015-spread' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/16 12:0 a.m.5 views

Malicious code in transform-spread (npm)

The package 'transform-spread' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score
Exploits0References3
OSV
OSV
added 2026/03/16 12:0 a.m.2 views

MAL-2026-1574 Malicious code in transform-spread (npm)

The package 'transform-spread' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.6AI score
Exploits0References3
Rows per page
Query Builder