MAL-2026-1228 Malicious code in @schedaero/bacon (npm)

Multiple suspicious behaviors: preinstall script exfiltrates data to a suspicious URL, terminates process, and few versions. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1f79d2ea06bc3905829524120560412e8e875463b5bddeb6bad3a343292c20c The package...

MAL-2025-99737 Malicious code in bacon-notthedevs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e935d4cb1d9b70d15da30614fe6347e618867316834d9b7617825c440688ee2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-74963

Malicious code in bacon-notthedevs npm...

EUVD-2025-17148

Malicious code in bioql PyPI...

CVE-2025-49443

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chris McCoy Bacon Ipsum bacon-ipsum allows Stored XSS.This issue affects Bacon Ipsum: from n/a through = 2.4...

CVE-2025-49443

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chris McCoy Bacon Ipsum bacon-ipsum allows Stored XSS.This issue affects Bacon Ipsum: from n/a through = 2.4...

CVE-2025-49443

CVE-2025-49443 (Bacon Ipsum) : The WordPress Bacon Ipsum plugin (affected: n/a through 2.4) contains a Cross‑Site Scripting vulnerability due to improper neutralization of input during web page generation. It is a Stored XSS issue (CVSSv3.1: 6.5, MEDIUM) requiring user interaction, with network a...

CVE-2025-49443 WordPress Bacon Ipsum plugin <= 2.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chris McCoy Bacon Ipsum bacon-ipsum allows Stored XSS.This issue affects Bacon Ipsum: from n/a through = 2.4...

CVE-2025-49443 WordPress Bacon Ipsum <= 2.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chris McCoy Bacon Ipsum allows Stored XSS. This issue affects Bacon Ipsum: from n/a through 2.4...

PT-2025-24266 · Unknown · Bacon Ipsum

Name of the Vulnerable Software and Affected Versions: Bacon Ipsum versions n/a through 2.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject malicio...

WordPress plugin Bacon Ipsum 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Bacon Ipsum plugin <= 2.4 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Chu The Anh Blue Rock in WordPress Plugin Bacon Ipsum versions = 2.4...

Verizon’s Visible Wireless Carrier Confirms Credential-Stuffing Attack

On Wednesday, Verizon’s Visible – an all-digital, uber-cheap wireless carrier – confirmed what customers have been complaining about on Reddit and Twitter all week: They lost control of their accounts; had their passwords and shipping addresses changed; and some got stuck with bills for pricey ne...

Ronald Graham and the Magic of Math

Late Monday night, I received an email sharing the sad news that Ronald Graham had died that evening at the age of 84. For those who never had the pleasure of knowing Ron, he was a brilliant mathematician with a great sense of humor, a circus-level juggler and magician, a mentor of countless...

Welcome to the second stage of BlueHat!

We’ve finished two incredible days of security trainings at the Living Computer Museum in Seattle. Now it’s time for the second part of BlueHat: the briefings at ShowBox SoDo. We’ve got a big day planned, so head on down. Please join us for breakfast we have doughnuts! and bacon! and cereal!...

Welcome to the second stage of BlueHat!

We’ve finished two incredible days of security trainings at the Living Computer Museum in Seattle. Now it’s time for the second part of BlueHat: the briefings at ShowBox SoDo. We’ve got a big day planned, so head on down. Please join us for breakfast we have doughnuts! and bacon! and cereal!...

kjottprodukter.no XSS vulnerability

Open Bug Bounty ID: OBB-614147 Description| Value ---|--- Affected Website:| kjottprodukter.no Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Batch Audio Converter Lite Edition <= 1.0.0.0 - Stack Buffer Overflow (SEH)

No description provided by source. Software Link: http://www.freesoftwaretoolbox.com/files/batchaudiosetup.exe Tested on: Windows XP SP2 Type of Vuln: SEH Code : bacon-exploit.py Greetz: Otoy, Postnix, Jasakom Community, Kilurah, Gesang, dan wedus-wedus lainnya ^^ Thanks: All OffSec member...

WordPress PDF And Print Button Joliprint 1.3.0 Cross Site Scripting

Hi We have used our tool, THAPS, to identify vulnerabilities in this WordPress plugin. We have confirmed at least one of the reported vulnerabilities and created a working exploit located below. Attached is one or more log files containing the output of our tool, identifying the location of the...

Buffer overflow

Buffer overflow in eject.c in Jason W. Bacon mcweject 0.9 on FreeBSD, and possibly other versions, allows local users to execute arbitrary code via a long command line argument, possibly involving the device name...