4 matches found
MAL-2025-5241 Malicious code in taskcluster-db (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 015560a72e308c3ba1770533176ac7fe0bcfbe4892581829992ee47063774f5c Any computer that has this package installed or running should be considered...
Malicious code in taskcluster-db (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 015560a72e308c3ba1770533176ac7fe0bcfbe4892581829992ee47063774f5c Any computer that has this package installed or running should be considered...
Mozilla: sentry Auth Token exposed publicly in docker hub image
The Sentry authentication token was exposed publicly in Docker Hub images belonging to the Taskcluster project. The token was found in the source code of the images and was still active, allowing access to the Sentry API...
Mozilla Bug Bounty Program Doubles Payouts, Adds Firefox Monitor
Mozilla is bumping up its bug bounty payouts and has added new websites and services – including the recently deployed Firefox Monitor– to its bug bounty program in hopes of attracting more researchers to sniff out vulnerabilities. The browser-maker is doubling bug bounty payouts for most of its...