Malicious code in kak-kupit-kriptovaliutu-v-rossii-cherez-tinkoff-investitsii-s21dt6n0d (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 722439ce10201bd57480a22eff49b9404dd698bbc8e34f901c4259142722a1ef Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Nginx 1.25.5 Host Header Validation Vulnerability

Nginx versions 1.25.5 and below appear to have a host header filtering validation bug that could possibly be used for malice. Nginx = 1.25.5 $host variable validation bug Intro: In the "Host" header sent to Nginx web server you can't just insert a dot or something like that, because a filtering...

September 2023: VM courses, Bahasa Indonesia, Russian Podcasts, Goodbye Tinkoff, MS Patch Tuesday, Qualys TOP 20, Linux, Forrester, GigaOm, R-Vision VM

September 2023: VM courses, Bahasa Indonesia, Russian Podcasts, Goodbye Tinkoff, MS Patch Tuesday, Qualys TOP 20, Linux, Forrester, GigaOm, R-Vision VM. Hello everyone! On the last day of September, I decided to record another retrospective episode on how my Vulnerability Management month went...

MAL-2022-6582 Malicious code in tinkoff-web-tracking (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8430ad0ed9e8c2a8e9493419b210bb23aef0c358fcb5c01283db9d6f272093d4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in tinkoff-web-tracking (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8430ad0ed9e8c2a8e9493419b210bb23aef0c358fcb5c01283db9d6f272093d4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @specials/request-tinkoff (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 70950da2d6265fb0f361f58470cdf72dd46749320aec9096e763b16815dedeaf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-603 Malicious code in @specials/request-tinkoff (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 70950da2d6265fb0f361f58470cdf72dd46749320aec9096e763b16815dedeaf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-646 Malicious code in @tinkoff-component/appointment (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3faf95ed10405c227dbb4de41f7ba1581c83b166b95d235ff3691644ee8d9b0b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @tinkoff-component/appointment (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3faf95ed10405c227dbb4de41f7ba1581c83b166b95d235ff3691644ee8d9b0b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in tinkoff-offers (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c40e24cbe03dfbd621e8e08d41fbca2c64a1b047f2fd72afe1bcb859e6b86303 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in tinkoff-form-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5c6a76989054686eab876dd505ac5858d7d81e7c7867136934b10c782e08f244 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-6577 Malicious code in tinkoff-form-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5c6a76989054686eab876dd505ac5858d7d81e7c7867136934b10c782e08f244 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in eslint-plugin-tinkoff (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a97acbfce99ce8cbb977670e09b30c65342400f3ac3777b330ce71307a50374 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-2827 Malicious code in eslint-plugin-tinkoff (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a97acbfce99ce8cbb977670e09b30c65342400f3ac3777b330ce71307a50374 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in tinkoff-push-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 100d2e4c7fa6fc1fa8734b39177f7b6a6c93b853ca4a12d6d470768e03df237c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-6578 Malicious code in tinkoff-insurance-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4543f1f8fbdaa3b807b9203d7960293f14874c41610189b62d2b6f672bb033c6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in tinkoff-insurance-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4543f1f8fbdaa3b807b9203d7960293f14874c41610189b62d2b6f672bb033c6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in tinkoff-talk-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c76741d903b6ba3173fc55b46fad124d52dd7f5d23c73107d5d43afb73db4a06 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @tinkoff-react-bui/input (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8f3abba81dd7afefb444eaea1ecbf7340da688924bfac3688c7eb968144bb090 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-655 Malicious code in @tinkoff-react-bui/input (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8f3abba81dd7afefb444eaea1ecbf7340da688924bfac3688c7eb968144bb090 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...