New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification

Research analyzing 4,700 leading websites reveals that 64% of third-party applications now access sensitive data without business justification, up from 51% in 2024. Government sector malicious activity spiked from 2% to 12.9%, while 1 in 7 Education sites show active compromise. Specific...

CVE-2025-23537

Cross-Site Request Forgery CSRF vulnerability in קידום ובניית אתרים add custom google tag manager add-custom-google-tag-manager allows Stored XSS.This issue affects add custom google tag manager: from n/a through = 1.0.3...

Malicious code in frontend-google-tag-manager (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a4f6a0228c6c8a63f058b39d72aa7f23d1f92b03e46a8f5dff1b1f856bbb6306 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

EUVD-2025-33611

Malicious code in frontend-google-tag-manager npm...

Malicious Package

Overview frontend-google-tag-manager is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

EUVD-2025-25042

Malicious code in bioql PyPI...

EUVD-2023-50355

Malicious code in bioql PyPI...

EUVD-2023-26822

Malicious code in bioql PyPI...

EUVD-2024-54496

Malicious code in bioql PyPI...

EUVD-2025-3237

Malicious code in bioql PyPI...

EUVD-2023-41364

Malicious code in bioql PyPI...

EUVD-2022-25229

Malicious code in bioql PyPI...

EUVD-2024-16970

Malicious code in bioql PyPI...

CVE-2025-8362

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal GoogleTag Manager allows Cross-Site Scripting XSS.This issue affects GoogleTag Manager: from 0.0.0 before 1.10.0...

CVE-2025-8362

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal GoogleTag Manager allows Cross-Site Scripting XSS.This issue affects GoogleTag Manager: from 0.0.0 before 1.10.0...

CVE-2025-8362

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal GoogleTag Manager allows Cross-Site Scripting XSS.This issue affects GoogleTag Manager: from 0.0.0 before 1.10.0...

CVE-2025-8362

The CVE-2025-8362 issue affects the Drupal GoogleTag Manager module, specifically versions 0.0.0 through 1.9.9. It is caused by improper neutralization of input during web page generation, leading to Cross‑Site Scripting (XSS). The vulnerability’s practical impact is the potential execution of ma...

CVE-2025-8362 GoogleTag Manager - Moderately critical - Cross-site scripting - SA-CONTRIB-2025-094

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal GoogleTag Manager allows Cross-Site Scripting XSS.This issue affects GoogleTag Manager: from 0.0.0 before 1.10.0...

CVE-2025-8362 GoogleTag Manager - Moderately critical - Cross-site scripting - SA-CONTRIB-2025-094

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal GoogleTag Manager allows Cross-Site Scripting XSS.This issue affects GoogleTag Manager: from 0.0.0 before 1.10.0...

PT-2025-33499 · Drupal · Drupal Googletag Manager

Name of the Vulnerable Software and Affected Versions: Drupal GoogleTag Manager versions 0.0.0 through 1.9.9 Description: Improper neutralization of input during web page generation allows for Cross-Site Scripting XSS. Recommendations: Update Drupal GoogleTag Manager to version 1.10.0 or later...