MAL-2025-5973 Malicious code in web3js-wallet (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 96a262a05712b8db4ab5089f2e93098544cbe69efb3e8cd90b4cb67c1c9e04a7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in web3js-wallet (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 96a262a05712b8db4ab5089f2e93098544cbe69efb3e8cd90b4cb67c1c9e04a7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

@nikaru-dev/provider-all (>=0.25.1-next.3 <=0.26.0), @nikaru-dev/provider-walletconnect-2 (>=0.18.1-next.2 <=0.19.1-next.0) +11 more potentially affected by CVE-2024-30253 via @solana/web3.js (>=1.67.0 <=1.67.2)

@solana/web3.js NPM version =1.67.0, =0.25.1-next.3, =0.18.1-next.2, =0.20.1-next.9, =0.20.1-next.16, =0.22.1-next.0, =0.14.1-next.5, =0.17.1-next.0, =0.17.1-next.0, =0.22.1, =0.14.1, =0.17.1, =0.17.1, =0.0.1, =0.1.5 Source cves: CVE-2024-30253 Source advisory: OSV:GHSA-8M45-2RJM-J347...

Web3.js 安全漏洞

Web3.js is a TypeScript implementation of the Ethernet JSON RPC API open-sourced by Web3 and related tools maintained by ChainSafe Systems. A security vulnerability exists in versions of Web3.js prior to 4.2.1 that stems from the presence of a prototype contamination vulnerability...

Gigaland NFT Marketplace 1.9 Shell Upload / Key Disclosure

Exploit Title: Gigaland NFT marketplace Shell upload and ETH private key leak Google Dork: N/A Date: 14/8/2022 Exploit Author: Sohel Yousef https://www.linkedin.com/in/sohel-yousef-50a905189/ Software Link: https://gigaland.io/ Version: 1.9 Category: webapps 1. Sell Upload after connectiong your...