Malicious code in @bmg-web/bmg-checkbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1670cde81640c3ef6602cd58c332cc7af5d682ac200e16addc67e3afcc2ff67f The package @bmg-web/bmg-checkbox was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-2983 Malicious code in @bmg-web/bmg-checkbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1670cde81640c3ef6602cd58c332cc7af5d682ac200e16addc67e3afcc2ff67f The package @bmg-web/bmg-checkbox was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in etsyapp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d3ba88687c2454c8371f948d388d1aa11c628cc010daeee014c9dd60ad1c193 The package etsyapp was found to contain malicious code. Source: ossf-package-analysis 919ce430631b9f294e4f67032799f5df86d6c943a20c330407641916d7aab6...

MAL-2026-2981 Malicious code in @bmg-web/bmg-button (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b59b2c3d1c98e7a5f4faae9549ed4f302c9273e1efeaee63e70f3013300327c2 The package @bmg-web/bmg-button was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-2986 Malicious code in @bmg-web/bmg-dropdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba8b2c9cb8ff59d283200d129e3ad62a7f469072326443114ebadcda2da4f894 The package @bmg-web/bmg-dropdown was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-2980 Malicious code in @bmg-web/bmg-ajax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9d0060c1d5029ed1bcb3ed00c20e6a283a930b13d6e93072cebb3e97e45b78d The package @bmg-web/bmg-ajax was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-2989 Malicious code in @bmg-web-features/bmg-user-interaction-tracker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60a8d06e34bceb11580d97e9e5b024221925eb7302ad803fcf48c22672995036 The package @bmg-web-features/bmg-user-interaction-tracker was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in @bmg-web/bmg-external-link (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6373b00808251dd64521cfb1864a0bf382c5df23e976984dea8dbebf925bbb63 The package @bmg-web/bmg-external-link was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-2979 Malicious code in tsdoc-build-rig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa9483578294aa1f05417210a36c0840de9fe1104aa1c36c6cad6f0ac4fe4760 The package tsdoc-build-rig was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in tsdoc-build-rig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa9483578294aa1f05417210a36c0840de9fe1104aa1c36c6cad6f0ac4fe4760 The package tsdoc-build-rig was found to contain malicious code. Source: ossf-package-analysis...

TL-RL-FusionNet: An Adaptive and Efficient Reinforcement Learning-Driven Transfer Learning Framework for Detecting Evolving Ransomware Threats

Modern ransomware exhibits polymorphic and evasive behaviors by frequently modifying execution patterns to evade detection. This dynamic nature disrupts feature spaces and limits the effectiveness of static or predefined models. To address this challenge, we propose TL-RL-FusionNet, a reinforceme...

Joern 4.0.525

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

angr 9.2.212

angr is an open-source binary analysis platform for Python. It combines both static and dynamic symbolic "concolic" analysis, providing tools to solve a variety of tasks...

TLSCheck 2.0: An Enhanced Memory Forensics Approach to Efficiently Detect TLS Callbacks

Memory analysis is a crucial technique in digital forensics that enables investigators to examine the runtime state of a system through physical memory dumps. While significant advances have been made in memory forensics, the detection and analysis of Thread Local Storage TLS callbacks remain...

MAL-2026-2967 Malicious code in 6161test1234 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 074806dcf23de8a6066ce2cbbcc5f711ca552db945714be52cd8d3a7e1415af4 The package 6161test1234 was found to contain malicious code. Source: ossf-package-analysis...

Security Bulletin: Due to use of Google Protocol Buffers, IBM Operations Analytics – Log Analysis is affected by denial of service.

Summary Google Protocol Buffers in Apache Solr is used by IBM Operations Analytics – Log Analysis as part of the data serialization and communication between services. CVE-2021-22570. Vulnerability Details CVEID:CVE-2021-22570 DESCRIPTION: Nullptr dereference when a null char is present in a prot...

PatchChain-Multi-Agent-Agentic-Pipeline-for-Autonomous-Code-Vulnerability-Analysis

No d...

Adding Compilation Metadata to Binaries to Make Disassembly Decidable

The binary executable format is the standard method for distributing and executing software. Yet, it is also as opaque a representation of software as can be. If the binary format were augmented with metadata that provides security-relevant information, such as which data is intended by the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013270)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013270 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix skb leak in skbtstamptx Commit 50749f2dd685 tcp/udp: Fix memleaks of sk and zerocopy skb...

Malicious code in mysten_metrics (crates.io)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 63f995158ab539b4b108f431c0a0384aa56cd5b50fbfac7d83e743b98d742fa0 The OpenSSF Package Analysis project identified 'mysten-metrics' @ 9.0.3 crates.io as malicious. It is considered malicious because: - The packa...