Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989130)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989130 advisory. In the Linux kernel, the following vulnerability has been resolved: Input: sparcspkr - fix refcount leak in bbcbeepprobe offindnodebypath calls offindnodeoptsbypath,...

EUVD-2014-7289

Malware in sbrugna...

EUVD-2002-0995

Malware in sbrugna...

MAL-2025-21273 Malicious code in generator-bbc-vj (npm)

The package generator-bbc-vj was found to contain malicious code...

Malicious code in generator-bbc-vj (npm)

The package generator-bbc-vj was found to contain malicious code...

Kingdee Cloud Galaxy Private Cloud BBC System 路径遍历漏洞

Kingdee Cloud Galaxy Private Cloud BBC System is an all-inclusive cloud ERP system from China's Kingdee Kingdee. A path traversal vulnerability exists in Kingdee Cloud Galaxy Private Cloud BBC System versions V6.2 to V9.0, which stems from improper operation of the filePath parameter in the...

MAL-2025-2362 Malicious code in bbc-grandstand (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8f0de83cd752dd58c1c6dae7ef140c2e9e41f3eb4a7467376e80659b3019cb75 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

DEBIAN-CVE-2022-49438

In the Linux kernel, the following vulnerability has been resolved: Input: sparcspkr - fix refcount leak in bbcbeepprobe offindnodebypath calls offindnodeoptsbypath, which returns a node pointer with refcount incremented, we should use ofnodeput on it when done. Add missing ofnodeput to avoid...

CVE-2022-49438 Input: sparcspkr - fix refcount leak in bbc_beep_probe

In the Linux kernel, the following vulnerability has been resolved: Input: sparcspkr - fix refcount leak in bbcbeepprobe offindnodebypath calls offindnodeoptsbypath, which returns a node pointer with refcount incremented, we should use ofnodeput on it when done. Add missing ofnodeput to avoid...

CVE-2022-49438 Input: sparcspkr - fix refcount leak in bbc_beep_probe

In the Linux kernel, the following vulnerability has been resolved: Input: sparcspkr - fix refcount leak in bbcbeepprobe offindnodebypath calls offindnodeoptsbypath, which returns a node pointer with refcount incremented, we should use ofnodeput on it when done. Add missing ofnodeput to avoid...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a reference count leak in bbcbeepprobe...

MAL-2025-165 Malicious code in bbc-http-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 607310f08b0c054bccf0fd5902e86de74b458d5c11110bdb411ac30b04c0db95 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in bbc-http-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 607310f08b0c054bccf0fd5902e86de74b458d5c11110bdb411ac30b04c0db95 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Meta takes down 63,000 sextortion-related accounts on Instagram

Meta announced the take-down of 63,000 sextortion-related Instagram accounts in Nigeria alone. The action was directed against a group known as Yahoo Boys, a loosely organized set of cybercriminals that largely operate out of Nigeria and specialize in different types of scams. Meta took down a ho...

AI Voice Scam

Scammers tricked a company into believing they were dealing with a BBC presenter. They faked her voice, and accepted money intended for her...

“I’ll miss him so much” Facebook scam uses BBC branding to lure victims

Facebook scams are a constant nuisance and vary from like-farming to scams that can cost you some serious money. The latest one we found is a bit morbid. Recently, I’ve seen quite a few posts on my timeline that looked like this: Without going into details the post says: “I can’t believe he’s gon...

Mobile malware analysis for the BBC

This is a version of our report referenced in the Helping a mobile malware fraud victim blog post, with all sensitive information removed. Summary One malicious application was identified on the device, and evidence identified during the examination strong suggests though this cannot be confirmed...

Malicious code in bbc-iplayer-sounds-chatbot (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2d586de5a3bb31f4049fd207aa2c3ffc23d175a74c56bc0a75c52fd116f5291a The OpenSSF Package Analysis project identified 'bbc-iplayer-sounds-chatbot' @ 5.2.3 npm as malicious. It is considered malicious because: - The...

Cl0p ransomware gang claims first victims of the MOVEit vulnerability

On Friday June 2, 2023 we reported about a MOVEit Transfer vulnerability that was actively being exploited. If your organization uses MOVEit Transfer and you havent patched yet, it really is time to move it. Excuse the bad pun, but yesterday we saw the first victims of this vulnerability come...

Malicious code in trint-bbc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f755e08a2f5b395630482a2784cdf65bd712c263238d4df7302e087c47be52e3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...