12910 matches found
Exploring Robust Intrusion Detection: A Benchmark Study of Feature Transferability in IoT Botnet Attack Detection
Cross-domain intrusion detection remains a critical challenge due to significant variability in network traffic characteristics and feature distributions across environments. This study evaluates the transferability of three widely used flow-based feature sets Argus, Zeek and CICFlowMeter across...
PT-2026-22398
Name of the Vulnerable Software and Affected Versions PMD versions prior to 7.22.0 Description PMD, a static code analyzer, contains a flaw where its vbhtml and yahtml report formats do not properly escape characters when inserting rule violation messages into HTML output. Analyzing untrusted...
Formal Analysis and Supply Chain Security for Agentic AI Skills
The rapid proliferation of agentic AI skill ecosystems -- exemplified by OpenClaw 228,000 GitHub stars and Anthropic Agent Skills 75,600 stars -- has introduced a critical supply chain attack surface. The ClawHavoc campaign January-February 2026 infiltrated over 1,200 malicious skills into the...
MAL-2026-1050 Malicious code in launch-darkly-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b23f579bd6a28b963c5574bfb9148b80de6e59d96c6cb0d10f4d2a35d4c010ac The package launch-darkly-js was found to contain malicious code. Source: ghsa-malware e7a7ecd2770ab8b028a7d1fc05847c7049e1f276886eafb32222fcb81b1d79...
Malicious code in hardhat-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64850c9938e9fa6cb3e89f001306cc9906dd810b24573bd990d1cafc92893df2 The package hardhat-node was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-1051 Malicious code in corstoken (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0d343f604565676254c8b24e997c84396038593cf5259c15d044ec3c5ab3350 The package corstoken was found to contain malicious code. Source: ghsa-malware d7d7cc0fd416fdcbdfe3517bbfd1ffec7e67ce88349fb17ddd2b22e408f740ed Any...
MAL-2026-1038 Malicious code in promanage (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34866a6d91e495c7692a123d4f1b31f1a98cf793744c4649f92eccf97d43ee9b The package promanage was found to contain malicious code. Source: ghsa-malware 55e3f919d2876892f9e686ad04eb2e38c1f5fdb1e3d93f39fc306563d9a4fa18 Any...
MAL-2026-1043 Malicious code in uuindex (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a373d8c2c653d1b6effee8ff65bba442fcf08d7eea88ec95707680697385646 The package uuindex was found to contain malicious code. Source: ghsa-malware 47c06a7b235c91fbc08cc942c69f1e05ecdb8093c9658bd5ade2b8866cc33f4c Any...
Why Intelligent Contract Solutions Are Replacing Traditional CLM Systems
Intelligent contract solutions replace traditional CLM by adding AI analysis, benchmarking, and risk insights that speed reviews, reduce delays, and improve decisions...
CVE-2025-1242
The administrative credentials can be extracted through application API responses, mobile application reverse engineering, and device firmware reverse engineering. The exposure may result in an attacker gaining full administrative access to the Gardyn IoT Hub exposing connected devices to malicio...
Fickling has safety check bypass via REDUCE+BUILD opcode sequence
Assessment It is believed that the analysis pass works as intended, REDUCE and BUILD are not at fault here. The few potentially unsafe modules have been added to the blocklist https://github.com/trailofbits/fickling/commit/0c4558d950daf70e134090573450ddcedaf10400. Original report Summary All 5 of...
CVE-2025-1242
The administrative credentials can be extracted through application API responses, mobile application reverse engineering, and device firmware reverse engineering. The exposure may result in an attacker gaining full administrative access to the Gardyn IoT Hub exposing connected devices to malicio...
incident-response-lab
🔥 Incident Response Lab - SOC Toolkit !Pythonhttps://img.s...
MAL-2026-1039 Malicious code in react-devtools-raycast (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 389c48f69049121e3e54751b68803d75bb5d571de2c8caf9c5e5d21f970612f0 The package react-devtools-raycast was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in get-fonts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d55d952f3fb507a89362a1535e7cf7d781b6f26e82c7130ca008af612bfddf4 The package get-fonts was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in trae-browser-inspect (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2fbd2b8603f95aa744b92e1f624c31c4afc4dcb7ef634096a331302462b45e1f The package trae-browser-inspect was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-1042 Malicious code in trae-browser-inspect (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2fbd2b8603f95aa744b92e1f624c31c4afc4dcb7ef634096a331302462b45e1f The package trae-browser-inspect was found to contain malicious code. Source: ossf-package-analysis...
APFuzz: Towards Automatic Greybox Protocol Fuzzing
Greybox protocol fuzzing is a random testing approach for stateful protocol implementations, where the input is protocol messages generated from mutations of seeds, and the search in the input space is driven by the feedback on coverage of both code and state. State model and message model are th...
Wireshark 安全漏洞
Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 of Wireshark have security vulnerabilities. These vulnerabilities stem fro...
MAL-2026-1028 Malicious code in examplereactnative76 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a118efca65c484515f9ae2cee508db99ef356bb6dc1e9ec249858e561f96f089 The package examplereactnative76 was found to contain malicious code. Source: ossf-package-analysis...