512 matches found
MAL-2026-10540 Malicious code in postcss-processor-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0253c4f750443ba47f0ab61347fa85a1659b847190a85757575e904966636da On require, src/index.js loads src/token-loader.js, which reads data/design-tokens.json, XOR-decodes the base64 blobs under encrypted.chunks using a...
XOR Encoder with Cipher Feedback
Dword XOR encoder with cipher feedback for RISC-V 64-bit Little Endian. Each dword is XORed with the previous encoded dword rather than a static key, creating a chained dependency that makes the output more resistant to frequency analysis. The first dword is XORed with the key to bootstrap the...
XOR Encoder
Dword XOR encoder for RISC-V 32-bit Little Endian. Encodes the payload with a 4-byte XOR key. Module Options msf use encoder/riscv32le/longxor msf encoderlongxor show actions ...actions... msf encoderlongxor set ACTION msf encoderlongxor show options ...show and set options... msf encoderlongxor...
XOR Encoder with Cipher Feedback
Dword XOR encoder with cipher feedback for RISC-V 32-bit Little Endian. Each dword is XORed with the previous encoded dword rather than a static key, creating a chained dependency that makes the output more resistant to frequency analysis. The first dword is XORed with the key to bootstrap the...
Byte XORi Encoder
Byte XOR encoder for RISC-V 32-bit Little Endian. Encodes the payload byte-by-byte with a 1-byte XOR key using the xori instruction. Useful when R-type XOR instruction bytes 0x33 are bad characters. Module Options msf use encoder/riscv32le/bytexori msf encoderbytexori show actions ...actions... m...
XOR Encoder
Dword XOR encoder for RISC-V 64-bit Little Endian. Encodes the payload with a 4-byte XOR key. Module Options msf use encoder/riscv64le/longxor msf encoderlongxor show actions ...actions... msf encoderlongxor set ACTION msf encoderlongxor show options ...show and set options... msf encoderlongxor...
Byte XORi Encoder
Byte XOR encoder for RISC-V 64-bit Little Endian. Encodes the payload byte-by-byte with a 1-byte XOR key using the xori instruction. Useful when R-type XOR instruction bytes 0x33 are bad characters. Module Options msf use encoder/riscv64le/bytexori msf encoderbytexori show actions ...actions... m...
CVE-2026-53450
The CVE-2026-53450 entry affects Coturn (TURN/STUN server). A defect in prior releases (
CVE-2026-53450 Coturn: IPv4-mapped 127.0.0.1 bypasses default loopback peer protection
Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, coturn rejects loopback peers by default unless allow-loopback-peers is enabled, but the default loopback guard can be bypassed by using the IPv4-mapped IPv6 peer address ::ffff:127.0.0.1 in a TURN...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code and was identified as part of the PolinRider supply chain campaign, linked to North Korean threat actors associated with the Contagious Interview/Famous Chollima activity...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code and was identified as part of the PolinRider supply chain campaign, linked to North Korean threat actors associated with the Contagious Interview/Famous Chollima activity...
Malicious code in @marketfront/blenderdevtool (npm)
The @marketfront/blenderdevtool package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...
MAL-2026-6772 Malicious code in @marketfront/customdealsfeed (npm)
The @marketfront/customdealsfeed package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...
MAL-2026-6786 Malicious code in @marketfront/mychatspreloader (npm)
The @marketfront/mychatspreloader package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and us...
Malicious code in @marketfront/dynamicpageparams (npm)
The @marketfront/dynamicpageparams package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and u...
MAL-2026-6785 Malicious code in @marketfront/madvpopup (npm)
The @marketfront/madvpopup package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...
MAL-2026-6765 Malicious code in @marketfront/bannerpopup (npm)
The @marketfront/bannerpopup package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...
Malicious code in theme-color-picker (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7a4ba7e8664b9e1d99c4018963a4731d591653d7f2a9b879ba090e7a7f6e7bd Although the package presents itself as a 'theme color picker', package.json identifies the publisher as analysis-chart.io with repository...
MAL-2026-6299 Malicious code in analysis-chart (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1ab4349bcc1e8f4434817d242b136f6e6050d4acb234aa833d81ffd74942066 The package's postinstall hook install-hook.js, invoked via package.json scripts.postinstall fetches an opaque binary 'payload.bin' from...
Malicious code in gpu-accelerator (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab0d6b253674f5eef505fbffb76003d2071569fd9d8abdf8993197738bb27759 The package advertises itself as a PostCSS plugin for CSS hardware-acceleration hints, but its only legitimate behavior is a 3-line walkDecls that ad...