1026 matches found
PT-2026-46360
That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...
PT-2026-46369
That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...
PT-2026-46333
That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...
PT-2026-46320
That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...
PT-2026-46365
That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...
PT-2026-46353
That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...
PT-2026-46351
That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...
EUVD-2023-40390
Malicious code in bioql PyPI...
MAL-2025-6220 Malicious code in svelte-intl (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4125174a3a5dd31d226347f4233e451beb406573ff2e254d5b9b6289f52ff3af Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6137 Malicious code in yarn-test-git-repo (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware edc9cafea25a24afd9f19a9a4ba2af18e06bd436e07baa0c8cb4250ab522228c Any computer that has this package installed or running should be considered...
CVE-2025-53025
The CVE-2025-53025 entry refers to Oracle VM VirtualBox (Core) with affected version 7.1.10. The vulnerability permits a high-privileges attacker who can log on to the infrastructure running VirtualBox to compromise the product, with potential impact including unauthorized access to critical data...
CVE-2025-50102
...
CVE-2025-50078
...
CVE-2025-50060
...
MAL-2025-5979 Malicious code in wrb3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 08d88ef4850c22d9aecb5ddb11ae54339766a852526d80394aea04b92d91aaf9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5933 Malicious code in lezer-promql-tree-viz (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 75c995399e97f574eb4cc3e4484bfabc69554ee170fa58d38740ba5d058568d5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5487 Malicious code in @verrylinh/discord (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4318dae373846eedd4a261b1261f3bd9b820a4a0ce74f9e3adac51d403204428 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5479 Malicious code in webengage (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7b526ee0b000536b84421cac42f7eaa62010d08785c0d61238fe4c3afe8a445d Any computer that has this package installed or running should be considered...
MAL-2025-5177 Malicious code in api-mojang (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c546cb9cfb37fc5b4a75a68896eb8c7cbd4d9be14ddfd39d74f9c47d42e86419 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4829 Malicious code in express-jscookie (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a039598d9f3f70e0ed6978355821d7e65491688a59a77f5167a54f7eb667437a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...