Lucene search
K

5 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/13 2:10 a.m.11 views

Malicious code in warp-dependency (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 493b3ed30d94fb482e4b9c7cf3d328ba9b307f91965783f0024ec7dca1fedb96 [email protected] declares postinstall: node index.js in package.json. The index.js entry point is heavily obfuscated using obfuscator.io-style...

6AI score
Exploits0References2
OSV
OSV
added 2026/06/13 2:10 a.m.10 views

MAL-2026-5724 Malicious code in warp-dependency (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 493b3ed30d94fb482e4b9c7cf3d328ba9b307f91965783f0024ec7dca1fedb96 [email protected] declares postinstall: node index.js in package.json. The index.js entry point is heavily obfuscated using obfuscator.io-style...

6AI score
Exploits0References2
The Hacker News
The Hacker News
added 2025/02/05 9:40 a.m.23 views

AsyncRAT Campaign Uses Python Payloads and TryCloudflare Tunnels for Stealth Attacks

A malware campaign has been observed delivering a remote access trojan RAT named AsyncRAT by making use of Python payloads and TryCloudflare tunnels. "AsyncRAT is a remote access trojan RAT that exploits the async/await pattern for efficient, asynchronous communication," Forcepoint X-Labs...

6.5CVSS8AI score0.1337EPSS
Exploits1
The Hacker News
The Hacker News
added 2024/08/02 7:2 a.m.30 views

Cybercriminals Abusing Cloudflare Tunnels to Evade Detection and Spread Malware

Cybersecurity companies are warning about an uptick in the abuse of Clouflare's TryCloudflare free service for malware delivery. The activity, documented by both eSentire and Proofpoint, entails the use of TryCloudflare to create a rate-limited tunnel that acts as a conduit to relay traffic from ...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/17 2:26 p.m.121 views

New LABRAT Campaign Exploits GitLab Flaw for Cryptojacking and Proxyjacking Activities

A new, financially motivated operation dubbed LABRAT has been observed weaponizing a now-patched critical flaw in GitLab as part of a cryptojacking and proxyjacking campaign. "The attacker utilized undetected signature-based tools, sophisticated and stealthy cross-platform malware,...

10CVSS8.1AI score0.99731EPSS
Exploits181
Rows per page
Query Builder