MAL-2026-5751 Malicious code in oh-my-ashclaw (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector daf0a5a6234cbf55718057017cbe143ab41ad1aaf7964ebfaab6dfe12703b005 On npm install, the package's postinstall hook .prepare.cjs executes and harvests installer-side data: hostname, username, OS/arch, Node version, all...

Web-Attack-Detection-Lab

!Kali Linuxhttps://img.shields.io/badge/KaliLinux-557C94?sty...

-Web-Attack-Detection-Lab

!Kali Linuxhttps://img.shields.io/badge/KaliLinux-557C94?sty...

Rethinking MDR as Attackers and Defenders Embrace AI

For most of the past decade, managed detection and response was the answer to a real problem. Security teams couldn't staff around the clock, couldn't hire enough analysts, and needed someone else to handle the alert queue. MDR stepped in. It worked well enough. Until now. The threat landscape ha...

linux-privesc-linpeas

🐧 linux-privesc-linpeas End-to-end Linux privilege escalati...

Malicious code in coral-wraith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf0e5e4aa66ffeb1481fd587c96f596a227c9388b86b3a3443749b5ec9eb09f1 The package's postinstall.js runs at install time and performs a credential-harvest + host-tampering chain against the installer. It enumerates npm...

MAL-2026-5682 Malicious code in coral-wraith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf0e5e4aa66ffeb1481fd587c96f596a227c9388b86b3a3443749b5ec9eb09f1 The package's postinstall.js runs at install time and performs a credential-harvest + host-tampering chain against the installer. It enumerates npm...

FreeType Automated Font Corpus Scanner

This Python framework implements a structured font-analysis pipeline for large-scale robustness testing of FreeType font parsing behavior...

HTTP/2 Exposure Auditor

The script safely evaluates HTTP/2 exposure by negotiating ALPN, initiating a minimal HTTP/2 session, collecting server SETTINGS frames, and identifying potentially permissive protocol configurations. It avoids stream amplification, flooding behavior, connection fan-out, and sustained resource...

Palo Alto GlobalProtect TLS Posture Scanner

This Metasploit auxiliary module is structured as a defensive assessment tool focused on TLS posture analysis and service identification for GlobalProtect deployments...

AI Threat Readiness Pillar 3: Perform AI Code Analysis Natively in Wiz

Your guide to operationalizing AI-powered code analysis with Wiz to stay ahead of AI driven development and adversaries...

Malicious code in worker-build (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e11b6161f4fe3c591bddadbf275003eaac33a1478cda408ac51d85230292e6d package.json declares "postinstall": "node main.js", so installation of [email protected] unconditionally executes main.js on npm install. main.js...

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by improper resource management due to Eclipse Jetty

Summary Eclipse Jetty in Apache Solr is used by IBM Operations Analytics - Log Analysis as part of HTTP/HTTPS client requests for Apache Solr Admin UI. CVE-2025-5115. Vulnerability Details CVEID:CVE-2025-5115 DESCRIPTION: In Eclipse Jetty, versions =9.4.57, =10.0.25, =11.0.25, =12.0.21,...

CVE-2026-49497

Ghidra before 12.1 contains a path traversal vulnerability in SameDirDebugInfoProvider that fails to validate filenames from ELF binary .gnudebuglink sections before constructing file paths. Attackers can craft malicious ELF binaries with traversal sequences to probe filesystem existence and leak...

Malicious code in @whatnot-web/www-legacy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fe99986935f0b2d200c3192dfc07fc1b6da96c78ac8a4f0a67aa23771e82709 @whatnot-web/[email protected] is a dependency-confusion shell targeting the Whatnot org scope. The package ships an empty library index.js exports ,...

Malicious code in edu-npm-dependency-chain-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5a2508b833cc9048538d7b995e19fdc3abb6807800a2650ef808f248a3502139 The OpenSSF Package Analysis project identified 'edu-npm-dependency-chain-demo' @ 1.0.4 npm as malicious. It is considered malicious because: -...

Malicious code in nim-submit-for-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bf75301042574897cc2f4bd8f3b8939fe4ac7a958f2cfe2404bbbee149797d0 On npm install, the package's postinstall hook executes lib/compiler.js, which spawns a detached Node process that collects host identity hostname,...

MAL-2026-5570 Malicious code in nim-submit-for-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bf75301042574897cc2f4bd8f3b8939fe4ac7a958f2cfe2404bbbee149797d0 On npm install, the package's postinstall hook executes lib/compiler.js, which spawns a detached Node process that collects host identity hostname,...

CVE-2026-9741

A bug in query analysis processing of the $vectorSearch aggregation stage for Queryable Encryption QE or Client-Side Field Level Encryption CSFLE results in literal values for encrypted fields within the $vectorSearch stage filter expressions to be sent to the server as plaintext instead of...

ViPER: Vision-Based Packing-Aware Encoder for Robust Malware Detection

Visualization-based malware detection maps raw binary bytes to grayscale images and applies learned visual classifiers, providing an evasion-resistant and disassembly-free alternative to conventional analysis pipelines. However, executable packing remains a critical failure mode: packed binaries...