logo
  • About
  • Contact
  • Instant Response
  • Hall of fame
  • COVID-19

Categories

  • Alerts and warnings
  • BU Safe
  • Hit by ransomware?
  • Incident handling
  • News

Noticed a problem?

Report an Incident
–or–

Recent Posts

  • ASEC Weekly Malware Statistics (January 30th, 2023 – February 5th, 2023)
  • Major CrackDown – Police Hacked Exclu ‘secure’ Cybercriminal Message Platform
  • Vulnerability Provided Access to Toyota Supplier Management Network
  • OpenSSL fixes High Severity data-stealing bug – patch now!
  • PixPirate – Advanced Android Threat Targets Brazilian Financial Organizations

Video

https://www.youtube.com/watch?v=wMsHDH67eb4

RSS NVD Data Feed

  • CVE-2023-0454 (orangescrum) 1 February 2023
  • CVE-2023-0524 (nessus, tenable.io, tenable.sc) 1 February 2023
  • CVE-2023-20856 (vrealize_operations) 1 February 2023
  • CVE-2023-0587 (apex_one) 1 February 2023
  • CVE-2022-4206 (dast_api_scanner) 1 February 2023

RSS CERT-EU News Feed

Information

  • Privacy & Cookies Policy

Three npm packages found opening shells on Linux, Windows systems

Posted on 17 October 2020

From zdnet.com

npm

Three JavaScript packages have been removed from the npm portal on Thursday for containing malicious code.

According to advisories from the npm security team, the three JavaScript libraries opened shells on the computers of developers who imported the packages into their projects.

Read more…

Posted in News

Post navigation

Previous post: Tracing fresh Ryuk campaigns itw
Next post: Microsoft releases emergency security updates for Windows and Visual Studio
BU CERT
Authorized to use CERT(TM) - CERT is a mark owned by Carnegie
Mellon University

Other CERTs

  • National Cyber Security Centre
  • US-CERT
  • FORTHcert
Proudly powered by WordPress | Theme: bu-cert by Nan Jiang.