46 matches found
MAL-2026-6443 Malicious code in agentsync-pkg (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b383c760dffae4a26d7f94b433bbe00dedb2426b23f4713610d6f5f36c594cf1 On every import / require'agentsync-pkg', src/index.js line 152 resolves bin/native/parser.node and calls require on it: const p =...
MAL-2026-5932 Malicious code in package-uploader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69b86134d9cd019c2d8ad172eed54cd4a48839d69ed2c6af52b79ef5080da765 [email protected] ships an install-hook.js that runs automatically as the npm postinstall script package.json declares "postinstall": "node...
Malicious code in package-uploader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69b86134d9cd019c2d8ad172eed54cd4a48839d69ed2c6af52b79ef5080da765 [email protected] ships an install-hook.js that runs automatically as the npm postinstall script package.json declares "postinstall": "node...
Malicious code in @nolimit-x/win32-x64 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 343787b335da015be56f49d118534c54bf81abab9e53b40bec0114d23bcc95c7 Package ships a single 8.1 MB Windows PE nolimit-core.exe as its main entry with only the description 'nolimit-x native binary for Windows x64' — no...
MAL-2026-4408 Malicious code in @nolimit-x/win32-x64 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 343787b335da015be56f49d118534c54bf81abab9e53b40bec0114d23bcc95c7 Package ships a single 8.1 MB Windows PE nolimit-core.exe as its main entry with only the description 'nolimit-x native binary for Windows x64' — no...
Malicious code in @bonsai-ai/claude-code-win32-x64 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6591be3fe5d0b37196562035353367d96a2bb1390d8f0f4dae3c5abbfd927f6 Package is published under the @bonsai-ai scope but impersonates Anthropic's official @anthropic-ai/claude-code-win32-x64 platform package...
MAL-2026-4371 Malicious code in @bonsai-ai/claude-code-win32-x64 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6591be3fe5d0b37196562035353367d96a2bb1390d8f0f4dae3c5abbfd927f6 Package is published under the @bonsai-ai scope but impersonates Anthropic's official @anthropic-ai/claude-code-win32-x64 platform package...
GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
Cybersecurity researchers have flagged yet another evolution of the ongoing GlassWorm campaign, which employs a new Zig dropper that's designed to stealthily infect all integrated development environments IDEs on a developer's machine. The technique has been discovered in an Open VSX extension...
HTTP Fetch, Bind TCP Stager (Windows x86)
Fetch and execute an x86 payload from an HTTP server. Listen for a connection Windows x86 Module Options msf use payload/cmd/windows/http/x86/patchupdllinject/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show options ...show and set...
Malicious code in @postman/pm-bin-windows-x64 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02ae17f856e11e19fc956689bbc3e88c8de0052e0ea1017d2048d92f20bfa91b The package @postman/pm-bin-windows-x64 was found to contain malicious code. Source: google-open-source-security...
EUVD-2020-26588
Malware in sbrugna...
OneClik Red Team Campaign Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors
Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft's ClickOnce software deployment technology and bespoke Golang backdoors to compromise organizations within the energy, oil, and gas sectors. "The campaign exhibits characteristics aligned with...
CVE-2021-21292
Traccar is an open source GPS tracking system. In Traccar before version 4.12 there is an unquoted Windows binary path vulnerability. Only Windows versions are impacted. Attacker needs write access to the filesystem on the host machine. If Java path includes a space, then attacker can lift their...
Ollama Installed (Windows)
Binary data ollamawininstalled.nbin...
GoodAccess Installed (Windows)
Binary data goodaccesswininstalled.nbin...
NoMachine Installed (Windows)
Binary data nomachinewininstalled.nbin...
ISLOnline ISL Light Client Installed (Windows)
Binary data islonlineisllightclientwininstalled.nbin...
Adobe Substance 3D Stager Installed (Windows)
Binary data adobesubstance3dstagerwininstalled.nbin...
DuckDB Installed (Windows)
Binary data duckdbwininstalled.nbin...
PostgreSQL pgAdmin4 Installed (Windows)
Binary data postgresqlpgadmin4wininstalled.nbin...