Malicious code in oj-odcs-product-selector (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 709903d8ce577ec3a287d787ad000d277c61e0c9a427262948b5e61986e5f320 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Threat Roundup for November 2 to November 9

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 02 and Nov. 09. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

PNG Containing Malicious JavaScript Code

A code execution vulnerability exists in multiple web-browsers when handling PNG files containing malicious JavaScript code. Opening those files would allow the malicious code to run and infect the target system...

Microsoft Office Mail Attachment Containing Malicious Downloader

A Microsoft Office Mail attachment containing a malicious downloader was observed as part of Locky ransomware campaign. A remote attacker could send spam e-mails including those downloaders and convince users to manually enable them. This would allow the malicious code to run and infect the targe...

Threat Outbreak Alert: Email Messages with Malicious Attachments on May 28, 2014

Medium Alert ID: 34407 First Published: 2014 May 29 13:49 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that contain a malicious attachment for the recipient. The text in the email message attempts to convince the recipient to open the...

Threat Outbreak Alert: Email Messages with Malicious Attachments on May 16, 2014

Medium Alert ID: 34253 First Published: 2014 May 16 13:44 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain an attachment for the recipient. The email message attempts to convince the recipient to open the attachment and...

Threat Outbreak Alert: Email Messages with Malicious Attachments on May 14, 2014

Medium Alert ID: 34225 First Published: 2014 May 15 13:50 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that contain a document for the recipient. The email message attempts to convince the recipient to open the attachment to confirm the...

Threat Outbreak Alert: Fake Account Withdrawal Notice Email Messages on May 9, 2014

Medium Alert ID: 34182 First Published: 2014 May 9 18:59 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain an account withdrawal notification for the recipient. The text in the email message attempts to convince the...

Threat Outbreak Alert: Fake Account Statement Notification Email Messages on May 9, 2014

Medium Alert ID: 34180 First Published: 2014 May 9 18:04 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain an account statement notification for the recipient. The text in the email message attempts to convince the recipie...

Threat Outbreak Alert: Fake Court Apperance Notice Email Messages on May 13, 2014

Medium Alert ID: 34172 First Published: 2014 May 8 20:44 GMT Last Updated: 2014 May 14 13:17 GMT Version: 2 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a court appearance notice for the recipient. The text in the email message...

Threat Outbreak Alert: Fake Voicemail Message Delivery Email Messages on May 7, 2014

Medium Alert ID: 34154 First Published: 2014 May 7 19:08 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a voicemail message for the recipient. The text in the email message attempts to convince the recipient to open the...

Threat Outbreak Alert: Fake Payment Transfer Notification Email Messages on April 28, 2014

Medium Alert ID: 33982 First Published: 2014 April 29 18:38 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain payment transfer details for the recipient. The text in the email message attempts to convince the recipient to...

Threat Outbreak Alert: Fake Malicious Attachment Email Messages on April 28, 2014

Medium Alert ID: 33978 First Published: 2014 April 29 18:28 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages with a blank message body and an attachment for the recipient. However, the .rar attachment contains a malicious .scr file that, when...

Threat Outbreak Alert: Fake Payment Confirmation Email Messages on April 28, 2014

Medium Alert ID: 33962 First Published: 2014 April 28 15:23 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a payment slip for the recipient. The text in the email message attempts to convince the recipient to open the...

Threat Outbreak Alert: Fake Transaction Failure Notification Email Messages on April 23, 2014.

Medium Alert ID: 33926 First Published: 2014 April 24 13:40 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a transaction failure notification for the recipient. The text in the email message attempts to convince the...

Threat Outbreak Alert: Fake Payment Confirmation Email Messages on April 22, 2014

Medium Alert ID: 33885 First Published: 2014 April 22 15:37 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a payment confirmation notification for the recipient. The text in the email message attempts to convince the...

Threat Outbreak Alert: Fake Product Purchase Order Request Email Messages on June 26, 2014

Medium Alert ID: 33857 First Published: 2014 April 22 15:37 GMT Last Updated: 2014 June 26 11:57 GMT Version: 42 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a product purchase order request for the recipient. The email message...

Threat Outbreak Alert: Email Messages with Malicious Attachment on April 21, 2014

Medium Alert ID: 33868 First Published: 2014 April 21 17:33 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that contain an attachment for the recipient. The email message attempts to convince the recipient to open the attachment for details...

Threat Outbreak Alert: Fake Product Order Email Messages Notification Email Messages on April 16, 2014

Medium Alert ID: 33833 First Published: 2014 April 17 14:18 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a malicious product order notification for the recipient. The text in the email message attempts to convince the...

Threat Outbreak Alert: Fake Profile Question Response Email Messages on April 16, 2014

Medium Alert ID: 33823 First Published: 2014 April 16 21:41 GMT Version: 1 Summary Cisco Security has detected significant activity related to Italian-language spam email messages that claim to contain an answer to a question regarding profile information for the recipient. The text in the email...