7 matches found
Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introduced a malicious dependency that delivers a trojan capable of targeting Windows, macOS, and Linux systems. Versions 1.14.1 and 0.30.4 of Axios have been found to...
CVE-2026-33525
Authelia is affected by a Cross‑Site Scripting vulnerability arising from improper neutralization of the input used to render the login page template. The issue stems from the language cookie value not being properly sanitized when generating HTML, enabling potential script execution under certai...
EUVD-2025-27596
Malicious code in bioql PyPI...
CVE-2025-57902
Cross-Site Request Forgery (CSRF) vulnerability in Md Taufiqur Rahman RIS Version Switcher - Downgrade or Upgrade WP Versions Easily ris-version-switcher allows Cross Site Request Forgery. This issue affects RIS Version Switcher - Downgrade or Upgrade WP Versions Easily: from n/a through = 1.0...
Cross-site Scripting (XSS)
Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the report serving functionality. An attacker capable of changing report content can bypass the Content-Security-Policy introduced in Jenkins 1.641 and 1.625.3. Workaround: Affected users are advised to...
UBUNTU-CVE-2022-39236
Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Starting with version 17.1.0-rc.1, improperly formed beacon events can disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the...
Malicious Package in slush-fullstack-framework
Version 0.9.2 of slush-fullstack-framework contained malicious code. The code, when executed in the browser, would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation: Remove the package from your environment. It'...