logo
  • About
  • Contact
  • Instant Response
  • Hall of fame
  • COVID-19

Categories

  • Alerts and warnings
  • BU Safe
  • Hit by ransomware?
  • Incident handling
  • News

Noticed a problem?

Report an Incident
–or–

Recent Posts

  • Researcher Publishes PoC Exploit for Privilege Escalation Flaw (CVE-2023-0179) in Linux Kernel
  • ProxyNotShell, OWASSRF, TabShell: Patch Your Microsoft Exchange Servers Now
  • Vulnerability Summary for the Week of January 23, 2023
  • What SOCs Need to Know About Water Dybbuk, A BEC Actor Using Open-Source Toolkits
  • New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products

Video

https://www.youtube.com/watch?v=wMsHDH67eb4

RSS NVD Data Feed

  • CVE-2018-25078 (man-db) 26 January 2023
  • CVE-2018-25073 (tsn-ranksystem) 11 January 2023
  • CVE-2019-19034 (manageengine_assetexplorer) 23 March 2020
  • CVE-2019-20627 (autoupdater.net) 23 March 2020
  • CVE-2019-15510 (manageengine_desktop_central) 23 March 2020

RSS CERT-EU News Feed

Information

  • Privacy & Cookies Policy

This Week in Malware: killing Windows Defender with an npm package

Posted on 17 June 2022

From blog.sonatype.com

This Week in Malware, highlights include malicious npm package ‘flame-vali’ that claims to let developers “bypass any request proxys.” But that’s not quite the case. And, some more dependency confusion packages caught by us.

Read more…

Posted in News

Post navigation

Previous post: Chinese hackers targeted South Asian Entity weeks before the Sophos zero-day bug got fixed
Next post: FirmWire : b Full-System Baseband Firmware Emulation Platform
BU CERT
Authorized to use CERT(TM) - CERT is a mark owned by Carnegie
Mellon University

Other CERTs

  • National Cyber Security Centre
  • US-CERT
  • FORTHcert
Proudly powered by WordPress | Theme: bu-cert by Nan Jiang.