Malicious Package

Overview changiairportpromax is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

Malicious Package

Overview thebigyahu is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisi...

Malicious Package

Overview nottuff23 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

Malicious Package

Overview backupgenuine-updated is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generat...

Malicious Package

Overview backup2-asd is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

Malicious Package

Overview abuden4 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertising...

Malicious Package

Overview ishowfeet17 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

Malicious Package

Overview imillegal4 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisi...

Malicious Package

Overview lowkirkuenly is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

Malicious code in @squawk/airport-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a12035131eafd29a07572751653f857706ac1b113fcbd498a70f54d96d5276cc The package @squawk/airport-data was found to contain malicious code. Source: ghsa-malware...

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/airport-data (>=0.4.1 <=0.7.3)

@squawk/airport-data NPM version =0.4.1, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3435...

MAL-2026-3435 Malicious code in @squawk/airport-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a12035131eafd29a07572751653f857706ac1b113fcbd498a70f54d96d5276cc The package @squawk/airport-data was found to contain malicious code. Source: ghsa-malware...

@squawk/airport-data (>=0.2.0 <=0.7.3), @squawk/airports (>=0.2.0 <=0.6.1) +16 more potentially affected by unknown CVE via @squawk/types (>=0.3.1 <=0.8.0)

@squawk/types NPM version =0.3.1, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.3.5 and more Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKTYPES-16640890...

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/airport-data (>=0.4.1 <=0.7.3)

@squawk/airport-data NPM version =0.4.1, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKAIRPORTDATA-16640876...

Safeguarding Skies: Airport Cybersecurity in the Digital Age

The aviation industry faces significant vulnerabilities from both physical and cybersecurity threats, highlighting the urgent need for enhanced cybersecurity measures amid increasingly sophisticated attacks. This paper systematically reviews emerging threats at airports, analyzing real-world...

Hong Kong Police Can Force You to Reveal Your Encryption Keys

According to a new law, the Hong Kong police can demand that you reveal the encryption keys protecting your computer, phone, hard drives, etc.--even if you are just transiting the airport. In a security alert dated March 26, the U.S. Consulate General said that, on March 23, 2026, Hong Kong...

CVE-2011-0172

AirPort in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to cause a denial of service divide-by-zero error and reboot via Wi-Fi frames on the local wireless network, a different vulnerability than CVE-2011-0162...

CVE-2011-0196

AirPort in Apple Mac OS X 10.5.8 allows remote attackers to cause a denial of service out-of-bounds read and reboot via Wi-Fi frames on the local wireless network...

CVE-2025-54863

Radiometrics VizAir is vulnerable to exposure of the system's REST API key through a publicly accessible configuration file. This allows attackers to remotely alter weather data and configurations, automate attacks against multiple instances, and extract sensitive meteorological data, which could...

CVE-2025-54863

Radiometrics VizAir is vulnerable to exposure of the system's REST API key through a publicly accessible configuration file. This allows attackers to remotely alter weather data and configurations, automate attacks against multiple instances, and extract sensitive meteorological data, which could...