75 matches found
Summarize Security Vulnerability
Summarize is a multi-source rapid summarization tool developed by Peter Steinberger. Versions of Summarize prior to 0.15.1 contain security vulnerabilities. These vulnerabilities stem from an authorization flaw in the content script’s window.postMessage bridging mechanism, which could allow...
CVE-2021-22512
Cross-Site Request Forgery (CSRF) vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6.7 and earlier versions. The vulnerability could allow form validation without permission checks...
EUVD-2024-44290
Malicious code in bioql PyPI...
EUVD-2022-4636
Malicious code in bioql PyPI...
EUVD-2024-32740
Malicious code in bioql PyPI...
EUVD-2024-32765
Malicious code in bioql PyPI...
EUVD-2024-32745
Malicious code in bioql PyPI...
EUVD-2024-44291
Malicious code in bioql PyPI...
Pentest-scripts
Pentest-scripts Personal repository with offensive secur...
Malicious Package
Overview tiupd is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package appears to be part of a larger campaign targeting user credentials. It, and several other variations, masquerade as automation tools for social...
Malicious Package
Overview tgsendduo is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package appears to be part of a larger campaign targeting user credentials. It, and several other variations, masquerade as automation tools for soci...
Malicious Package
Overview idd-64bit is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package appears to be part of a larger campaign targeting user credentials. It, and several other variations, masquerade as automation tools for soci...
Malicious Package
Overview soonje2 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package appears to be part of a larger campaign targeting user credentials. It, and several other variations, masquerade as automation tools for social...
Malicious Package
Overview tidpz is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package appears to be part of a larger campaign targeting user credentials. It, and several other variations, masquerade as automation tools for social...
Malicious Package
Overview t64z is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package appears to be part of a larger campaign targeting user credentials. It, and several other variations, masquerade as automation tools for social...
Malicious Package
Overview postingduo is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package appears to be part of a larger campaign targeting user credentials. It, and several other variations, masquerade as automation tools for...
The Rise of Agentic AI: Uncovering Security Risks in AI Web Agents
In our first post, we introduced the world of AI web agents - defining what they are, outlining their core capabilities, and surveying the leading frameworks that make them possible. Now, we’re shifting gears to look at the other side of the coin: the vulnerabilities and attack surfaces that aris...
Flowable Named in the latest Gartner® Market Guide for BPA Tools
ZURICH, Switzerland - Zurich-based automation platform Flowable has been recognized as a Representative Vendor in the Gartner newly released…...
Flowable’s Smart Automation Tools Are Reshaping How Enterprises Operate in 2025
As more businesses face pressure to do more with fewer resources, automation platforms like Flowable are becoming central…...
CVE-2024-4692
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization config has been discovered in OpenText...