3 matches found
Malicious code in vue-template-compiler-plugin (npm)
Full C2 implant disguised as vue-template-compiler fork. postinstall-run.cjs loads tooling-bootstrap.cjs which contains base64-encoded C2 agent. Decoded payload: registers victim hostname, username, OS to Cloudflare tunnel C2 at maiden-apply-looks-education.trycloudflare.com, beacons for tasks,...
MAL-2026-3777 Malicious code in vue-template-compiler-plugin (npm)
Full C2 implant disguised as vue-template-compiler fork. postinstall-run.cjs loads tooling-bootstrap.cjs which contains base64-encoded C2 agent. Decoded payload: registers victim hostname, username, OS to Cloudflare tunnel C2 at maiden-apply-looks-education.trycloudflare.com, beacons for tasks,...
0-1-project (=0.0.1), 02vue_toast_demo (>=1.0.0 <=1.0.4) +8619 more potentially affected by CVE-2024-6783 via vue-template-compiler (>=2.0.0 <=2.7.9)
vue-template-compiler NPM version =2.0.0, =1.0.0, =0.0.1, =1.0.0, =0.0.1, =2.0.0, =1.0.0, =0.3.11, =0.0.1, =11.0.1, =11.0.2 and more Source cves: CVE-2024-6783 Source advisory: OSV:GHSA-G3CH-RX76-35FX...