Lucene search
K

67 matches found

OSV
OSV
added 2026/06/27 2:32 a.m.4 views

MAL-2026-6544 Malicious code in chai-as-persisted (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5cf9c49450e0fa0d47be1b6ae27991f844868ff6c435d2082948b5feae862709 The package's postinstall script npm run smoke:pino executes index.js, which spawns a detached node lib/initializeCaller.js child. That module hides...

6AI score
Exploits0References3
OSV
OSV
added 2026/06/09 8:32 p.m.25 views

MAL-2026-5466 Malicious code in getd-eslint-rules (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17328047b2ec8dce82cfbdfd5b16c8f862d51dca26b02c9801587c220a48975a On npm install, postinstall.js collects host identifiers os.hostname, os.userInfo username, os.platform, current working directory, CI environment...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/20 7:31 p.m.13 views

Malicious code in @tailwind-core/oxide-linux-x64-gnu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a107a0746f2f5159d661e4d332eac53f871b9d22f80caf5863bdd713e252ae00 The package name '@tailwind-core/oxide-linux-x64-gnu' impersonates the legitimate Tailwind CSS v4 oxide engine package...

5.9AI score
Exploits0References1
HackRead
HackRead
added 2026/04/10 4:55 p.m.2 views

GraphAlgo Scam: Lazarus Hackers Register Real US LLCs to Spread Malware

ReversingLabs has discovered a fresh wave of the graphalgo campaign in which North Korean Lazarus hackers are using fake Florida LLCs, mimicking SWFT Blockchain, and using GitHub typo-squatting to target developers with malware...

5.8AI score
Exploits0
OSV
OSV
added 2026/02/23 4:0 p.m.6 views

MAL-2026-1003 Malicious code in cnnct-eaas-corre (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron 2111dcd49405f8c078842cf7af9cfe21ddb54f558d66f2949da752d0e62cddd1 This package appears to be a typo-squatting attempt targeting connect-eaas-core...

5.5AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/23 4:0 p.m.9 views

Malicious code in cnnct-eaas-corre (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron 2111dcd49405f8c078842cf7af9cfe21ddb54f558d66f2949da752d0e62cddd1 This package appears to be a typo-squatting attempt targeting connect-eaas-core...

5.3AI score
Exploits0
Qualys Blog
Qualys Blog
added 2026/01/22 4:0 p.m.13 views

How Public Container Registries Have Become a Silent Risk Multiplier in a Modern Supply Chain

Key Takeaways Pulling container images from public registries is a trust decision, not a neutral operational step. The impact extends to infrastructure stability, cloud spend, and security risk. Cryptomining is the most common form of malicious abuse in public container images, driven by the ease...

6.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/20 12:0 a.m.3 views

The Hidden Dangers of Public Serverless Repositories: An Empirical Security Assessment

Serverless computing has rapidly emerged as a prominent cloud paradigm, enabling developers to focus solely on application logic without the burden of managing servers or underlying infrastructure. Public serverless repositories have become key to accelerating the development of serverless...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/08/07 3:33 p.m.8 views

Webinar: How to Stop Python Supply Chain Attacks—and the Expert Tools You Need

Python is everywhere in modern software. From machine learning models to production microservices, chances are your code—and your business—depends on Python packages you didn't write. But in 2025, that trust comes with a serious risk. Every few weeks, we're seeing fresh headlines about malicious...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/28 12:0 a.m.2 views

URLCrazy Domain Name Typo Tool 0.8.2

URLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain variants, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo ...

6.9AI score
Exploits0
Imperva Blog
Imperva Blog
added 2025/04/16 10:52 p.m.12 views

From PyPI to the Dark Marketplace: How a Malicious Package Fuels the Sale of Telegram Identities

Introduction In today’s digital era, security breaches can occur in the blink of an eye. Telegram Desktop is renowned for its secure, user-friendly messaging interface, but what if the data used to provide seamless experience could also be your greatest problem? Our investigation into three...

7.3AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/04/10 1:0 p.m.37 views

Stories from the SOC Part 2: MSIX Installer Utilizes Telegram Bot to Execute IDAT Loader

Rapid7’s Managed Detection and Response MDR team continuously monitors our customers' environments, identifying emerging threats and developing new detections. In August 2023, Rapid7 identified a new malware loader named the IDAT Loader. Malware loaders are a type of malicious software designed t...

7.1AI score
Exploits0
Trellix
Trellix
added 2023/02/28 12:0 a.m.15 views

Cybercrime Takes Advantage of 2023-Recession with Job-Themed Scams

Cybercrime Takes Advantage of 2023 Recession with Job-Themed Scams By Daksh Kapur · February 28, 2023 Figure 1 image from freepik.com and flaticon.com The current economic climate globally is grim because of the ongoing recession. In this environment, job-themed emails have become a prime target...

7AI score
Exploits0
Trellix
Trellix
added 2023/02/28 12:0 a.m.13 views

Cybercrime Takes Advantage of 2023-Recession with Job-Themed Scams

Cybercrime Takes Advantage of 2023 Recession with Job-Themed Scams By Daksh Kapur · February 28, 2023 Figure 1 image from freepik.com and flaticon.com The current economic climate globally is grim because of the ongoing recession. In this environment, job-themed emails have become a prime target...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/26 10:0 a.m.50 views

A week in security (September 19 – 25)

Last week on Malwarebytes Labs: Hookup site targeted by typo-squatters American Airlines suffers data breach after phishing incident Grand Theft Auto 6 suffers grand theft EDR vs MDR vs XDR - Whats the Difference? Scammers send fake 'Energy Bills Support Scheme' texts Tax refund phish logs...

1.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/19 4:0 p.m.20 views

Hookup site targeted by typo-squatters

Ethical hacker and security researcher Kody Kinzie shared with BleepingComputer a list of over 50 domains of which many are spelling variations of the brand name Sniffies. Sniffies identifies itself as a "modern, map-based, meetup app for gay, bi, and curious guys." Kody used an open source tool...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/07/05 2:12 p.m.38 views

Researchers Uncover Malicious NPM Packages Stealing Data from Apps and Web Forms

A widespread software supply chain attack has targeted the NPM package manager at least since December 2021 with rogue modules designed to steal data entered in forms by users on websites that include them. The coordinated attack, dubbed IconBurst by ReversingLabs, involves no fewer than two doze...

1.2AI score
Exploits0
OSV
OSV
added 2020/09/02 8:20 p.m.9 views

GHSA-MMPH-WP49-R48H Malicious Package in experss

All versions of experss typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process w...

9.8CVSS6.8AI score
Exploits0References1
Kitploit
Kitploit
added 2020/06/09 12:30 p.m.68 views

URLCrazy - Generate And Test Domain Typos And Variations To Detect And Perform Typo Squatting, URL Hijacking, Phishing, And Corporate Espionage

URLCrazy is an OSINT tool to generate and test domain typos or variations to detect or perform typo squatting, URL hijacking, phishing, and corporate espionage. Homepage: https://www.morningstarsecurity.com/research/urlcrazy Use Cases Detect typo squatters profiting from typos on your domain name...

7.1AI score
Exploits0References5
Node.js
Node.js
added 2019/05/06 2:12 p.m.15 views

Malicious Package

Overview All versions of requeest typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the...

6.6AI score
Exploits0Affected Software1
Rows per page
Query Builder