Threats Tagged 'mal-2026-10153'
View all threats tagged with 'mal-2026-10153'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'mal-2026-10153'
Click on any threat for detailed analysis and mitigation recommendations
MAL-2026-10153: Malicious code in notifier-log (npm) 0 The notifier-log npm package version 1.3.5 is a malicious package masquerading as a pino-compatible logger. It executes attacker-controlled JavaScript code by fetching payloads from a public mutable paste site, enabling arbitrary code execution with full require access in the Node.js process. This behavior allows the attacker to run arbitrary commands under the context of the installing user. No official patch or remediation is currently documented. Join the discussion | GCVE Database | 07/10/2026, 16:46:36 UTC Added: 07/11/2026, 09:37:31 UTC |
Showing 1 to 1 of 1 result