MAL-2025-51208 Malicious code in candra-lupis49-cloud9 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d643196379c89355afc3c42f9dda1958ca22c364c8a20b61781fb63a296dcc5f The package candra-lupis49-cloud9 was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that...

Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362

Cisco on Wednesday disclosed that it became aware of a new attack variant that's designed to target devices running Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software releases that are susceptible to CVE-2025-20333 and...

EUVD-2025-37700

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access sensitive user data...

Nation-State Hackers Deploy New Airstalk Malware in Suspected Supply Chain Attack

A suspected nation-state threat actor has been linked to the distribution of a new malware called Airstalk as part of a likely supply chain attack. Palo Alto Networks Unit 42 said it's tracking the cluster under the moniker CL-STA-1009 , where "CL" stands for cluster and "STA" refers to...

EUVD-2025-37263

Malicious code in style-tailwind-variant npm...

Malicious code in style-tailwind-variant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44577e5c235fe9163b6f47f81c7813a15491137478bb6ccbe5fe45ca911d17d1 The package style-tailwind-variant was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview style-tailwind-variant is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

MAL-2025-49270 Malicious code in style-tailwind-variant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44577e5c235fe9163b6f47f81c7813a15491137478bb6ccbe5fe45ca911d17d1 The package style-tailwind-variant was found to contain malicious code. Source: ghsa-malware...

The AI-Designed Bioweapon Arms Race

Interesting article about the arms race between AI systems that invent/design new biological pathogens, and AI systems that detect them before they're created: The team started with a basic test: use AI tools to design variants of the toxin ricin, then test them against the software that is used ...

CVE-2025-10150 Webserver crash caused by scanning on TCP port 80

Webserver crash caused by scanning on TCP port 80 in Softing Industrial Automation GmbH gateways and switch.This issue affects smartLink HW-PN: from 1.02 through 1.03 smartLink HW-DP: 1.31...

Agenda Ransomware Deploys Linux Variant on Windows Systems Through Remote Management Tools and BYOVD Techniques

Trend™ Research identified a sophisticated Agenda ransomware attack that deployed a Linux variant on Windows systems. This cross-platform execution can make detection challenging for enterprises...

📄 Transmission Torrent Parsing Integer Overflows

Torrent file parsing in Transmission suffers from multiple integer overflow vulnerabilities. I took a look at torrent file parsing in libtransmission, there are a few integer overflows because the trnew/trnew0 allocation wrappers don't handle overflow. define trnewstructtype, nstructs \ structtyp...

[SECURITY] Fedora 42 Update: python-socketio-5.14.1-1.fc42

Socket.IO is a transport protocol that enables real-time bidirectional event-based communication between clients typically, though not always, web browsers and a server. The official implementations of the client and server components are written in JavaScript. This package provides Python...

CVE-2021-22291 EIBPORT Reflected XSS

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ABB EIBPORT V3 KNX, ABB EIBPORT V3 KNX GSM.This issue affects EIBPORT V3 KNX: before 3.9.2; EIBPORT V3 KNX GSM: before 3.9.2...

EUVD-2021-14180

Malware in sbrugna...

EUVD-2021-0375

Malware in sbrugna...

EUVD-2002-1022

Malware in sbrugna...

EUVD-2007-0952

Malware in sbrugna...

EUVD-2021-0280

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414416)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414416 advisory. Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data...