RUSTSEC-2026-0016 `polymarkets-rs-clob-client` was removed from crates.io for malicious code

This is part of an ongoing campaign to attempt to typosquat crates in the polymarket-client-sdk ecosystem to exfiltrate user credentials. The malicious crate had 1 version published on 2026-02-19 approximately 20 hours before removal and had no evidence of actual downloads. There were no crates...

WordPress plugin AZIndex 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

USN-6058-1 linux-aws, linux-aws-hwe vulnerability

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

Malicious code in free-net-vpn (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7c578ebbd5b9dea94fedafe257ab0b885731b9f32789b9d9a2708193ef03995 Security researchers at Check Point Research discovered a malicious package called free-net-vpn that targets environment variables. PyPI has since remove...