MAL-2026-2958 Malicious code in mysten_metrics (crates.io)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 63f995158ab539b4b108f431c0a0384aa56cd5b50fbfac7d83e743b98d742fa0 The OpenSSF Package Analysis project identified 'mysten-metrics' @ 9.0.3 crates.io as malicious. It is considered malicious because: - The packa...

Malicious code in @serasa/core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a5d7dc70207045632b443597fdca880203a20b38f5999520fe5c437ca65a496 The package @serasa/core was found to contain malicious code. Source: ossf-package-analysis...

CVE-2026-39388

creationtimestamp| type| source ---|---|--- 2026-04-20 16:16:06+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-39388 2026-04-21 00:10:05+00:00| seen| https://bsky.app/profile/releaseport.com/post/3mjxoyesgfk25 2026-04-21 02:53:57+00:00| seen|...

Malicious code in bmg-web-features (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95e385a0f1c1bcc075d39332c519b28aebc80cd8474cbc78baff5ce19661b85f The package bmg-web-features was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-2953 Malicious code in bmg-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26777925b4f8e199b125a969ad8c6f4e0ff672b87613b22ce2b67fe461ba218e The package bmg-web was found to contain malicious code. Source: ossf-package-analysis 27618387221affefb03509d50b0545c22b6d18574bc71aa6f218350ca5f152...

Malicious code in megabank-worklist (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51f0a379223d486978f097d6f97b1d3a1fd307bb725be56c7baa2bc8ff72d297 The package megabank-worklist was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-2955 Malicious code in megabank-worklist (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51f0a379223d486978f097d6f97b1d3a1fd307bb725be56c7baa2bc8ff72d297 The package megabank-worklist was found to contain malicious code. Source: ossf-package-analysis...

autopoc

AutoPoC Automated proof-of-concept deployments on OpenShift...

ExploitIQ

⚡ ExploitIQ Autonomous AI-Powered Penetration Testing Assis...

[SECURITY] Fedora 43 Update: awstats-8.0-2.fc43

Advanced Web Statistics is a powerful and full-featured tool that generates advanced web server graphical statistics. This server log analyzer works from the command line or as a CGI and shows all information your log contains, in graphical web pages. It can analyze a lot of web/wap/proxy servers...

CodeQL 2.25.2

Discover vulnerabilities across a codebase with CodeQL, an industry-leading semantic code analysis engine. CodeQL lets you query code as though it were data. Write a query to find all variants of a vulnerability, eradicating it forever. Then share your query to help others do the same...

MetInfo CMS 8.1 XML Endpoint Behavior Analysis Tool

This script is a PHP-based analysis tool designed to interact with MetInfo CMS 8.1 endpoints through an XML-based interface. It uses cURL to send structured requests to a specific MetInfo module endpoint and evaluates the HTTP responses for basic fingerprinting indicators such as known keywords a...

Joern 4.0.524

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

RAVEN: Retrieval-Augmented Vulnerability Exploration Network for Memory Corruption Analysis in User Code and Binary Programs

Large Language Models LLMs have demonstrated remarkable capabilities across various cybersecurity tasks, including vulnerability classification, detection, and patching. However, their potential in automated vulnerability report documentation and analysis remains underexplored. We present RAVEN...

angr 9.2.211

angr is an open-source binary analysis platform for Python. It combines both static and dynamic symbolic "concolic" analysis, providing tools to solve a variety of tasks...

Zeek 8.0.7

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek ha...

Malicious code in react-spa-shadcn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b0a6436d822911c9ab59cb73cdf9c25c0dfa562feb406fcfa450ad964418f89 The package react-spa-shadcn was found to contain malicious code. Source: ghsa-malware da9de249511ac32f8d560921d4da27724c126e29260a8fb7c4acb1da70c6b7...

MAL-2026-2927 Malicious code in pa-marked (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e01d64e50dea2a8be10707dbd49869a6bcea570bf26829a1738ca2237882249 The package pa-marked was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in rtms-manager (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c18da37bf0615d0c7dceb6be7eb89956f39de56bbc90f65d9398fbfb3f9455dc The package rtms-manager was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in sy-editor-v3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5cbd7c2056a09f76b9e73fbd0dae4370df9df455077146ae85b6b985b0394d4f The package sy-editor-v3 was found to contain malicious code. Source: ossf-package-analysis...