257 matches found
Malicious Package
Overview arabic-normalizer is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...
Malicious Package
Overview abbyycloud is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using abbyycloud...
Malicious Package
Overview datadognotifications is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...
Malicious Package
Overview atest-gem is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using atest-gem...
Malicious Package
Overview fontleague is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using fontleague...
Malicious Package
Overview benchmarkplot is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using benchmarkplot...
Malicious Package
Overview cocoapodsfixbugs-plugin is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...
Malicious Package
Overview ackintosh-net-empty-port is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...
Malicious Package
Overview fluentplugin-stats is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...
Malicious Package
Overview active-serializer is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...
Malicious Package
Overview jenkins-statsd is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using jenkins-stat...
Protecting Websites from Magecart and Other In-Browser Threats
The Rise of Third-Party Scripts Modern web applications have become increasingly reliant on external code, services and vendors that execute JavaScript code in the browser... often referred to as third-party scripts. As a close-to-home example shown below, Akamai executes dozens of scripts to...
Website, Know Thyself: What Code Are You Serving?
When we think of “securing our website” from attackers, we often think of securing against hooded figures somewhere in Eastern Europe working out of a smoky office above an illegal gambling den. Not only is that probably geographically insensitive, it’s also not necessarily the best way threat to...
Clickjacking Evolves to Hook Millions of Top-Site Visitors
Clickjacking, where links on a website redirect unknowing users to spam, advertising or malware, has been around for decades. However, new tactics that defy the best mitigation efforts of browsers has led to it affecting millions of internet users browsing the web’s top sites, researchers found i...
Find AND Fix First- and Third-Party Issues with the Power of Real Data and Adaptive Performance
It's been well established that there is a correlation between fast digital experiences and positive business results. What users experience on a site has a direct bearing on their engagement and buying behaviour and consequently the overall success of the business. Slow page load times can lead ...
Flaw In Major Browsers Allows 3rd-Party Scripts to Steal Your Saved Passwords
Security researchers have uncovered how marketing companies have started exploiting an 11-year-old bug in browsers' built-in password managers, which allow them to secretly steal your email address for targeted advertising across different browsers and devices. The major concern is that the same...
AMember 3.1.7 XSS / SQL Injection
AMember - Multiple Vulnerabilities Version Affected: 3.1.7 Apr-10-2009 newest Info: aMember is a flexible membership and subscription management PHP script. It has support for PayPal, BeanStream, 2Checkout, NoChex, VeriSign PayFlow, Authorize.Net, PaySystems, Probilling, Multicards, E-Gold and...