Lucene search
K

139 matches found

Wired Threat Level
Wired Threat Level
added 2026/05/07 11:0 a.m.14 views

Thousands of Vibe-Coded Apps Expose Corporate and Personal Data on the Open Web

Companies like Lovable, Base44, Replit, and Netlify use AI to let anyone build a web app in seconds—and in thousands of cases, spill highly sensitive data onto the public internet...

5.8AI score
Exploits0
OSV
OSV
added 2026/04/14 12:35 p.m.8 views

MAL-2026-2881 Malicious code in bjs-lint-builders (npm)

big.js typosquat campaign - SSH backdoor implantation, credential and crypto wallet theft --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93ff31ee3bf86e4aecefc3ed40ae1647028f7fd482df4c617731ebfd75cad027 The package bjs-lint-builders was found to contain maliciou...

5.9AI score
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/04/14 12:35 p.m.12 views

bjs-biginteger (=5.0.5) potentially affected by unknown CVE via bjs-lint-builders (=1.1.0)

bjs-lint-builders NPM version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on bjs-lint-builders and may be impacted: - bjs-biginteger =5.0.5 Source cves: unknown CVE Source advisory: OSV:MAL-2026-2881...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/14 12:35 p.m.9 views

Malicious code in bjs-lint-builders (npm)

big.js typosquat campaign - SSH backdoor implantation, credential and crypto wallet theft --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93ff31ee3bf86e4aecefc3ed40ae1647028f7fd482df4c617731ebfd75cad027 The package bjs-lint-builders was found to contain maliciou...

5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/03/11 4:48 p.m.2 views

Malicious Package

Overview npm-builders is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/11 4:48 p.m.6 views

Malicious code in npm-builders (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c63391276857464ec97afe878e9a323907ccb5cc79486e5d11ce3078f2621e1 The package npm-builders was found to contain malicious code. Source: ghsa-malware 83c8c91b9b31b2f06c283e24505777cd3486a18286a6eb6a2f2b29ca2e6462e6 A...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/03/11 4:48 p.m.4 views

MAL-2026-1345 Malicious code in npm-builders (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c63391276857464ec97afe878e9a323907ccb5cc79486e5d11ce3078f2621e1 The package npm-builders was found to contain malicious code. Source: ghsa-malware 83c8c91b9b31b2f06c283e24505777cd3486a18286a6eb6a2f2b29ca2e6462e6 A...

5.7AI score
Exploits0References1
Malwarebytes
Malwarebytes
added 2026/02/16 8:2 a.m.6 views

A week in security (February 9 – February 15)

Last week on Malwarebytes Labs: How to find and remove credential-stealing Chrome extensions Fake shops target Winter Olympics 2026 fans Outlook add-in goes rogue and steals 4,000 credentials and payment data Child exploitation, grooming, and social media addiction claims put Meta on trial Apple...

5.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/12 8:3 a.m.9 views

Criminals are using AI website builders to clone major brands

AI tool Vercel was abused by cybercriminals to create a Malwarebytes lookalike website. Cybercriminals no longer need design or coding skills to create a convincing fake brand site. All they need is a domain name and an AI website builder. In minutes, they can clone a site's look and feel, plug i...

5.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/12/25 1:23 p.m.5 views

CVE-2025-68581

Missing Authorization vulnerability in YITHEMES YITH Slider for page builders yith-slider-for-page-builders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH Slider for page builders: from n/a through = 1.0.11...

5.4CVSS7AI score0.00171EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/24 7:33 p.m.6 views

WordPress YITH Slider for page builders plugin <= 1.0.11 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin YITH Slider for page builders versions = 1.0.11...

8.1CVSS6.7AI score0.00171EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/12/24 3:30 p.m.2 views

EUVD-2025-205254

Missing Authorization vulnerability in YITHEMES YITH Slider for page builders yith-slider-for-page-builders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH Slider for page builders: from n/a through = 1.0.11...

8.1CVSS6.5AI score0.00171EPSS
Exploits0References2
NVD
NVD
added 2025/12/24 1:16 p.m.6 views

CVE-2025-68581

Missing Authorization vulnerability in YITHEMES YITH Slider for page builders yith-slider-for-page-builders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH Slider for page builders: from n/a through = 1.0.11...

5.4CVSS0.00171EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/24 1:10 p.m.29 views

CVE-2025-68581 WordPress YITH Slider for page builders plugin <= 1.0.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in YITHEMES YITH Slider for page builders yith-slider-for-page-builders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH Slider for page builders: from n/a through = 1.0.11...

5.4CVSS0.00171EPSS
Exploits0References1
CVE
CVE
added 2025/12/24 1:10 p.m.9 views

CVE-2025-68581

Technical details about CVE-2025-68581 (affected product, version, impact, and fix) are not publicly provided in the supplied documents; monitor for updates.

5.4CVSS6.6AI score0.00171EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/24 1:10 p.m.2 views

CVE-2025-68581 WordPress YITH Slider for page builders plugin <= 1.0.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in YITHEMES YITH Slider for page builders yith-slider-for-page-builders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH Slider for page builders: from n/a through = 1.0.11...

5.4CVSS6.6AI score0.00171EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.4 views

PT-2025-53269

Name of the Vulnerable Software and Affected Versions YITH Slider for page builders versions through 1.0.11 Description The software contains a missing authorization issue due to incorrectly configured access control security levels. Recommendations Update YITH Slider for page builders to a versi...

8.1CVSS6.5AI score0.00171EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.5 views

WordPress plugin YITH Slider for page builders 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.4CVSS6.5AI score0.00171EPSS
Exploits0References1
NVD
NVD
added 2025/12/18 8:15 p.m.12 views

CVE-2024-58318

A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious scripts via the rich text editor component for page and form builders. Attackers can exploit this vulnerability by entering malicious URIs, potentially allowing malicious scripts to execute in...

6.1CVSS0.00139EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/18 7:53 p.m.24 views

CVE-2024-58318 Kentico Xperience <= 13.0.162 Rich Text Editor Stored XSS

A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious scripts via the rich text editor component for page and form builders. Attackers can exploit this vulnerability by entering malicious URIs, potentially allowing malicious scripts to execute in...

6.1CVSS0.00139EPSS
Exploits0References2
Rows per page
Query Builder