8649 matches found
MAL-2025-191275 Malicious code in @oku-ui/switch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 740a6698034fbce630b1da1ce44728782b3f71faffd3ee2801c45b6a3f9e6f7e The package @oku-ui/switch was found to contain malicious code. Source: google-open-source-security...
MAL-2025-191428 Malicious code in solomon-v3-stories (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a3c2b76ec7ca12640f848ff834bd3a10c3c2f6247a9b372905bf57e2d9f2194 The package solomon-v3-stories was found to contain malicious code. Source: ghsa-malware...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Google Identifies Three New Russian Malware Families Created by COLDRIVER Hackers
A new malware attributed to the Russia-linked hacking group known as COLDRIVER has undergone numerous developmental iterations since May 2025, suggesting an increased "operations tempo" from the threat actor. The findings come from Google Threat Intelligence Group GTIG, which said the...
Pixel-stealing “Pixnapping” attack targets Android devices
Researchers at US universities have demonstrated how a malicious Android app can trick the system into leaking pixel data. That may sound harmless, but imagine if a malicious app on your Android device could glimpse tiny bits of information on your screen—even the parts you thought were secure,...
Pixnapping: Bringing Pixel Stealing out of the Stone Age
Pixel stealing attacks enable malicious websites to leak sensitive content displayed in victim websites. The idea, introduced by Stone in 2013, is to embed victim websites in iframes and use SVG filters to compute on, and create side channels as a function of, those websites' pixels. Fortunately,...
Inside Russian Market: Uncovering the Botnet Empire
Eliran Alon contributed to this post. Inside Russian Market: Key insights from Rapid7 threat research The online cybercrime marketplace, Russian Market, has evolved from selling Remote Desktop Protocol RDP access to becoming one of the most active underground hubs for information-stealing malware...
EUVD-2018-13358
Malware in sbrugna...
EUVD-2019-6242
Malware in sbrugna...
EUVD-2019-5890
Malware in sbrugna...
EUVD-2021-15889
Malware in sbrugna...
Exploit for CVE-2025-8061
Lenovo-CVE-2025-8061 PoC fo...
EUVD-2021-29623
Malicious code in bioql PyPI...
EUVD-2022-3314
Malicious code in bioql PyPI...
EUVD-2021-29625
Malicious code in bioql PyPI...
EUVD-2022-35232
Malicious code in bioql PyPI...