Lucene search
K

5 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/27 4:47 p.m.6 views

Malicious code in trustwallet (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ffef6e3541d5ab62ee32f0d44e9da05c6e495c15a4c9a9d9a4866e40ae502604 Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

6AI score
Exploits0References1
OSV
OSV
added 2026/03/27 4:47 p.m.5 views

MAL-2026-2273 Malicious code in trustwallet (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ffef6e3541d5ab62ee32f0d44e9da05c6e495c15a4c9a9d9a4866e40ae502604 Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

6AI score
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/01/20 8:45 p.m.6 views

@dylan1951/polywallet (>=0.22.0 <=0.28.0) potentially affected by CVE-2025-66692 via @trustwallet/wallet-core (=4.3.6)

@trustwallet/wallet-core NPM version =4.3.6 is affected by a known vulnerability. The following packages have a transitive dependency on @trustwallet/wallet-core and may be impacted: - @dylan1951/polywallet =0.22.0, =0.28.0 Source cves: CVE-2025-66692 Source advisory:...

7.5CVSS5.8AI score0.00348EPSS
Exploits1
Snyk
Snyk
added 2026/01/20 8:45 p.m.4 views

Buffer Over-read

Overview trustwallet/wallet-core is a mobile-focused library implementing low-level cryptographic wallet functionality for a high number of blockchains Affected versions of this package are vulnerable to Buffer Over-read via the verify function. An attacker can cause the application to crash or...

8.7CVSS5.6AI score0.00348EPSS
Exploits1References2
The Hacker News
The Hacker News
added 2025/12/31 4:29 p.m.9 views

Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack

Trust Wallet on Tuesday revealed that the second iteration of the Shai-Hulud aka Sha1-Hulud supply chain outbreak in November 2025 was likely responsible for the hack of its Google Chrome extension, ultimately resulting in the theft of approximately $8.5 million in assets. "Our Developer GitHub...

6.9AI score
Exploits0
Rows per page
Query Builder