12875 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842cplogstatus It is possible for cpread and hdmiread to return -EIO. These values are further used as indexes to access arrays. This issue is fixed by checking t...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fixed the potential NULL-ptr-dereference issue. The indevget function may return NULL, which could lead to a failure when the idev variable is dereferenced in indevforeachifartnl. This patch adds a check for a NULL...
MAL-2026-4661 Malicious code in react-tracked-tony (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eeb24dfdd4a970dc44c017056c2a39bed6aa5973a7ec7e94b20c70d90114726c react-tracked-tony impersonates the popular react-tracked package: package.json sets name: react-tracked-tony, author: Daishi Kato, and homepage:...
SOC-Alert-Investigation-Portfolio
SOC Alert Investigation Portfolio This repository contains pr...
Malicious code in stripe-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2134a01cead67cd3508d0ca8a14acbfd272181c65faed08b8491a1b2e7885ddc Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
angr 9.2.216
angr is an open-source binary analysis platform for Python. It combines both static and dynamic symbolic "concolic" analysis, providing tools to solve a variety of tasks...
FuzzingBrain V2: A Multi-Agent LLM System for Automated Vulnerability Discovery and Reproduction
Software vulnerabilities pose critical security threats, with nearly 50,000 CVEs reported in 2025. While Large Language Models LLMs show promise for automated vulnerability detection, three key challenges remain. First, LLM-generated vulnerability reports suffer from high false positive rates and...
A Large Language Model Approach to Generating Bypass Rules for Malware Evasion in Analysis Sandbox
Sandbox evasion remains a critical challenge for automated malware analysis, as modern malware employs environment checks to detect analysis platforms and suppress malicious behavior. Existing approaches rely on manually crafted bypass rules that require deep reverse engineering of each evasion...
Inside the 2026 Verizon DBIR: What One Billion Records Revealed About Vulnerability Remediation
The Verizon 2026 Data Breach Investigations Report has been published. Qualys is proud to have served as a research partner and contributor, contributing analysis of more than one billion anonymized vulnerability remediation records across four consecutive DBIR reporting cycles of CISA Known...
MAL-2026-4171 Malicious code in @mc-xp/mc-monolith-js-src-package (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 13fafa7ca25af537c9383868398521cf50a086c1055e9451e4a2208de0083923 The OpenSSF Package Analysis project identified '@mc-xp/mc-monolith-js-src-package' @ 99.9.1 npm as malicious. It is considered malicious becaus...
Malicious code in identitysecuretokenserv (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2704e731d0b82aa5927cf3713f741111b03fe8efb2d886cb0ef472a24705c5e3 The package identitysecuretokenserv was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in vfat-tools (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ee0462aa0f5350c9bd21ced3b826fd647a29c72be05f97f21df514c459cc775a The OpenSSF Package Analysis project identified 'vfat-tools' @ 2.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in sickle-wrapper (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis cf0ce8be09572968ecc56d1879825b49624c7346a7391f203ea27e9ed0805674 The OpenSSF Package Analysis project identified 'sickle-wrapper' @ 0.2.0 npm as malicious. It is considered malicious because: - The package...
MAL-2026-4178 Malicious code in sickle-wrapper (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis cf0ce8be09572968ecc56d1879825b49624c7346a7391f203ea27e9ed0805674 The OpenSSF Package Analysis project identified 'sickle-wrapper' @ 0.2.0 npm as malicious. It is considered malicious because: - The package...
DASM: Domain-Aware Sharpness Minimization for Multi-Domain Voice Stream Steganalysis
The growing use of information hiding in network streaming media for covert communication poses a significant security threat, necessitating the development of robust detection technologies. However, existing steganalysis methods for network voice streams mostly rely on data distributions in...
Joern 4.0.542
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
Detecting Data Exfiltration through I2P Anonymity Networks: A Two-Phase Machine Learning Approach
The Invisible Internet Project I2P provides strong anonymity through garlic routing and distributed network architecture, making it attractive for legitimate privacy needs. Nevertheless, the same properties can be exploited by malicious actors to steal sensitive information from corporate network...
VibeHacking
👾 Welcome to Vibe Hacking By BlackPC, Vine & Foxxino Inc...
Exploit for Origin Validation Error in Langflow
CVE-2025-34291corssecurityscanner A lightweight Python-base...
Malicious code in ctf-flare (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23293f1bc28e465f7ffaf916fd8a6cc3958b873a2b338b81c0bf71bb146d1d36 package.json declares a postinstall script that runs node src/install.js after building a local binary. src/install.js is a 175 KB single-line payloa...