Malicious Package

Overview tailwindcss-bootstrap-color is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of th...

Malicious Package

Overview session-keeper is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package...

Malicious Package

Overview node-tailwind is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package. On...

Malicious Package

Overview react-adparser is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package...

Malicious Package

Overview redux-motion is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package. Onc...

Malicious Package

Overview seeds-random is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package. Onc...

Malicious Package

Overview pgforce is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package. Once...

Malicious Package

Overview assert-json-not is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package...

Fake Battlefield 6 Downloads Are Spreading Malware, Stealing Player Data

Bitdefender Labs found fake Battlefield 6 pirated copies and trainers spreading aggressive malware, C2 agents, and infostealers, designed to steal player data and crypto-wallets...

CGGMP21 presignatures can be used in the way that significantly reduces security

This attack is against presignatures used in very specific context: Presignatures + HD wallets derivation: security level reduces to 85 bits \ Previously you could generate a presignature, and then choose a HD derivation path while issuing a partial signature via Presignature::setderivationpath,...

RUSTSEC-2025-0127 CGGMP21 presignatures can be used in the way that significantly reduces security

This attack is against presignatures used in very specific context: Presignatures + HD wallets derivation: security level reduces to 85 bits \ Previously you could generate a presignature, and then choose a HD derivation path while issuing a partial signature via Presignature::setderivationpath,...

New Eternidade Stealer Uses WhatsApp to Steal Banking Data

Trustwave SpiderLabs warns of Eternidade Stealer, a new banking trojan spreading via personalised WhatsApp messages. Find out how this malicious software bypasses security checks and deploys fake login screens for major banks and wallets...

Malicious code in ellacrity.recoil (VSCode:https://open-vsx.org)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security c10eec28bf8da96caa61583697ae4e44102b7a4f1b84e361e0f609be824a79c6 This extension is malicious. When installed it runs an info stealer that exfiltrates user data including credentials and cryptocurrency...

Malicious code in ginfuru.better-nunjucks (VSCode:https://open-vsx.org)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security c1f105a5bf6daf41b694f7cc339589ac86e57964dd2f761bc04b8ea20fe70ae8 This extension is malicious. When installed it runs an info stealer that exfiltrates user data including credentials and cryptocurrency...

Malicious code in JScearcy.rust-doc-viewer (VSCode:https://open-vsx.org)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 1dbdd73bf66fbfde48d73e86ebfbb11ca8bb6f44ff57a5030596fc189f962ddf This extension is malicious. When installed it runs an info stealer that exfiltrates user data including credentials and cryptocurrency...

Malicious code in l-igh-t.vscode-theme-seti-folder (VSCode:https://open-vsx.org)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security dc07b5a9c4c6f86929db6d62c15f2c2a9c52912263950282c709e0b68387f54b This extension is malicious. When installed it runs an info stealer that exfiltrates user data including credentials and cryptocurrency...

Malicious code in SIRILMP.dark-theme-sm (VSCode:https://open-vsx.org)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a30acc5c978ef579bc01603521f705b16016df5a2e72e44e1c0f3222ff2e6068 This extension is malicious. When installed it runs an info stealer that exfiltrates user data including credentials and cryptocurrency...

Malicious code in sissel.shopify-liquid (VSCode:https://open-vsx.org)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 8174c373fd818eb48388777436e30f84dcf0846593fcbddc3e73f898858a4317 This extension is malicious. When installed it runs an info stealer that exfiltrates user data including credentials and cryptocurrency...

Malicious code in cline-ai-main.cline-ai-agent (VSCode)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 04aeefbf39e1e9157280b91899a141e4f4c6619d434c594e4a2d3bf43883dbe6 This extension is malicious. When installed it runs an info stealer that exfiltrates user data including credentials and cryptocurrency...

MAL-2025-191158 Malicious code in CodeInKlingon.git-worktree-menu (VSCode:https://open-vsx.org)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 68ef1fadb311fcf38b0a3d9f7e7845c12f201bfdab9556387e9a8b052cec8ee5 This extension is malicious. When installed it runs an info stealer that exfiltrates user data including credentials and cryptocurrency...