CVE-2025-13483 Missing Authentication for Critical Function in SiRcom SMART Alert (SiSA)

SiRcom SMART Alert SiSA allows unauthorized access to backend APIs. This allows an unauthenticated attacker to bypass the login screen using browser developer tools, gaining access to restricted parts of the application...

CVE-2025-13483 Missing Authentication for Critical Function in SiRcom SMART Alert (SiSA)

SiRcom SMART Alert SiSA allows unauthorized access to backend APIs. This allows an unauthenticated attacker to bypass the login screen using browser developer tools, gaining access to restricted parts of the application...

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-329-01 Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share ICSA-25-329-02 Rockwell Automation Aren...

3 SOC Challenges You Need to Solve Before 2026

2026 will mark a pivotal shift in cybersecurity. Threat actors are moving from experimenting with AI to making it their primary weapon, using it to scale attacks, automate reconnaissance, and craft hyper-realistic social engineering campaigns. The Storm on the Horizon Global world instability,...

Malicious Package

Overview initial-path is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

EUVD-2025-199012

A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There are Hard-coded configuration values...

EUVD-2025-199015

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to disclose user hashes...

EUVD-2025-199016

A Directory Traversal vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to write arbitrary files under certain conditions...

CVE-2025-54341

A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There are Hard-coded configuration values...

EUVD-2025-199415

Malicious code in @voiceflow/exception npm...

Malicious code in @oku-ui/alert-dialog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 824a69f83431a766f681bc72d705ff3b28ae9309898b4ad10979adca148f2276 The package @oku-ui/alert-dialog was found to contain malicious code. Source: google-open-source-security...

EUVD-2025-199395

Malicious code in @voiceflow/react-chat npm...

EUVD-2025-199382

Malicious code in @voiceflow/tsconfig-paths npm...

EUVD-2025-199378

Malicious code in @voiceflow/vitest-config npm...

EUVD-2025-199491

Malicious code in @oku-ui/alert-dialog npm...

MAL-2025-191248 Malicious code in @oku-ui/alert-dialog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 824a69f83431a766f681bc72d705ff3b28ae9309898b4ad10979adca148f2276 The package @oku-ui/alert-dialog was found to contain malicious code. Source: google-open-source-security...

SiRcom SMART Alert 访问控制错误漏洞

SiRcom SMART Alert is a public alert system from SiRcom USA. An access control error vulnerability exists in SiRcom SMART Alert that stems from unauthorized access to the back-end API, which could result in bypassing login restrictions...

PT-2025-48047

SiRcom SMART Alert SiSA allows unauthorized access to backend APIs. This allows an unauthenticated attacker to bypass the login screen using browser developer tools, gaining access to restricted parts of the application...

EUVD-2025-199275

Malicious code in quickswap-default-staking-list-address npm...

EUVD-2025-199321

Malicious code in @everreal/web-analytics npm...