OpenAI Rolls Out ‘Advanced’ Security Mode for At-Risk Accounts

OpenAI is rolling out Advanced Account Security for people concerned that their ChatGPT or Codex accounts could be potential targets of phishing attacks...

Why the F5 Hack Created an ‘Imminent Threat’ for Thousands of Networks

Networking software company F5 disclosed a long-term breach of its systems this week. The fallout could be severe...

Use of Generative AI in Scams

New report: "Scam GPT: GenAI and the Automation of Fraud." This primer maps what we currently know about generative AI’s role in scams, the communities most at risk, and the broader economic and cultural shifts that are making people more willing to take risks, more vulnerable to deception, and...

Malicious code in oradm-to-sqlz (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8f66243d0593a930732578192edb0f5d084612a5f89bb86b9bb4aecef362a5aa Any computer that has this package installed or running should be considered fully compromised. All...

MAL-2025-43446 Malicious code in andi-pisang59-breki (npm)

The package andi-pisang59-breki was found to contain malicious code...

MAL-2025-3068 Malicious code in grunt-ci-suite (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6cdab4cd85be12f6db64b3f2a4c747de300ce59bbb07da2848a8b86c0280bee2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

SquareX Discloses Browser-Native Ransomware that Puts Millions at Risk

Palo Alto, USA, 29th March 2025, CyberNewsWire...

PT-2025-2112

Name of the Vulnerable Software and Affected Versions iBuildApp WordPress plugin versions 0.2.0 and earlier Description The issue is related to a Reflected Cross-Site Scripting problem, where a parameter is not properly sanitized and escaped before being outputted back in the page. This could be...

MAL-2024-11135 Malicious code in cussionsbp (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 944229b70b1df938c01b5e21ee9d7d8799d3e104488f5ed8669176a2851c3467 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-11035 Malicious code in eslint-formatter-richhtml (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0c1882bf6a70efa173960185fd119365caef76186573c332b079148bd0e752f2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-11052 Malicious code in mssr (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 320cac8994c25e1a950677ac5dfd7d3635f0c8b9f255058719ff9b8602063050 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-11047 Malicious code in json-schema-editor-visual-yapi (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c2c434b89e0272562d45ccf56680fe4b6edf72651ddb2603233fa84ad67bf2c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10929 Malicious code in eth-crpto (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 39a8ec071ac26f1f07a77c2de3dcff7672716e7339455c06896de0d1b7e905bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10616 Malicious code in ethers-audit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 058ac1d6271bf68f9476a6f0a9e4df3a4764f5a06405e90fcac87968f2a9608d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

SUSE CVE-2024-47684

In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcprtodeltaus We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null ptr dereference in tcprearmrto. Initially hittin...

MAL-2024-9368 Malicious code in fuh0qz (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7529bc6b4e017a1268dff08f21236c040484c75d1c87e3bbe413b7c1afea0ef6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-9346 Malicious code in dhwmfs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6d7732d14f5f18b93b76e0b9164667441919050e960414ac343c60a460854803 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-9365 Malicious code in file-alb-um-zip-new-mp3-126009-bitter-sweet-dz7i2-hidryu (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a75501436f2395e00123299cf864bf5850d07617243e0205e60c4d3843110c26 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Hacker Charged With Seeking to Kill Using Cyberattacks on Hospitals

The US has accused two brothers of being part of the hacker group Anonymous Sudan, which allegedly went on a wild cyberattack spree that hit hundreds of targets—and, for one of the two men, even put lives at risk...

MAL-2024-9292 Malicious code in discord.jselfbot-v13 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a61c990eea82ae2bbc613649aabde4884684f69fa4b649655cbee9e1e5018293 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...