Strengthening Polymorphic Prompt Assembling: Dynamic Separator Generation against Emerging Prompt Injection Attacks

Polymorphic Prompt Assembling PPA defends LLM agents against prompt injections by randomly selecting separator pairs from a fixed pool to isolate user input from system instructions. Although effective, static pool reuse exposes a blast-radius vulnerability: once a separator leaks, it can be...

MAL-2026-4807 Malicious code in shop-minis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e9e3e4e8e9e12bac20967fa551c549a93915b33007d7e54f8bfe0eed26a216e On npm install, the package's postinstall script postinstall.js, run via scripts.postinstall = 'node postinstall.js' collects host identity — whoami,...

Malicious code in skills-detector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 844190b21455d308d6e2b5305ebe92634d80b55817290a84644a1048df0e54b3 On npm install, postinstall.js executes whoami and id via childprocess.execSync, collects os.hostname, os.platform, current working directory, and th...

MAL-2026-4644 Malicious code in power-platform-playwright-toolkit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57967d58233d74f2fc4f9b0dee7c050370eb388050df8d63f29e719f83468d73 On npm install, the package's postinstall script postinstall.js collects host identifiers and CI context — whoami, os.hostname, os.platform, cwd, CI,...

Malicious code in dds-js-idl-types (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68e8941c301603919022f1d67d311d576d5d5efcac7ed7cb0d3526cb71e829d6 On npm install, the package's postinstall.js runs whoami and reads os.hostname, os.platform, the current working directory, and CI-related environmen...

MAL-2026-4548 Malicious code in dds-js-idl-types (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68e8941c301603919022f1d67d311d576d5d5efcac7ed7cb0d3526cb71e829d6 On npm install, the package's postinstall.js runs whoami and reads os.hostname, os.platform, the current working directory, and CI-related environmen...

MAL-2026-4382 Malicious code in @djessicatony/folk-mcp-canary (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a504172fe0e456bd96cf7b4f9a6b6dda65dee7bd573833bbf5963b0be7a05ae8 index.js contains a beacon-style exfiltration primitive: a fetch POST at line 60-61 sends process.env data read at lines 30 and 34 to a hardcoded...

Untrusted Search Path

Overview @turbo/codemod is a Provides Codemod transformations to help upgrade your Turborepo codebase when a feature is deprecated. Affected versions of this package are vulnerable to Untrusted Search Path in the package manager detection. An attacker can execute arbitrary code by placing a...

Untrusted Search Path

Overview @turbo/workspaces is a Tools for working with package managers Affected versions of this package are vulnerable to Untrusted Search Path in the package manager detection. An attacker can execute arbitrary code by placing a malicious .yarnrc.yml file with a controlled yarnPath in a...

Microsoft is changing Edge’s plaintext password behavior

Microsoft said it will change Edge’s password handling as a “defense‑in‑depth” measure. Originally, Edge decrypted the entire saved‑password store on startup and kept all credentials resident in process memory in clear text for the whole browser session, regardless of whether a given credential w...

Malicious code in request-logger-canary (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf0d566d7abb400988aea74b00099a6db4c5ea928f32e7d44648193e21a36035 [email protected] ships a preinstall.js that, when npm install runs, opens a TCP socket to 52.74.242.200:8851 and pipes an interactive...

Identifying AI Web Scrapers Using Canary Tokens

From pre-training to query-time augmentation, web-scraped data helps to improve the quality and contextual relevancy of content generated by large language models LLMs. However, large-scale web scraping to feed LLMs can affect site stability and raise legal, privacy, or ethics concerns. If websit...

cybersec-hw1

cybersec-hw1 Homework 1 for Introduction to Computer Securi...

companies.sh (>=2026.324.0-canary.0 <=2026.325.0-canary.3), corporateai (=2026.328.0-canary.0) +3 more potentially affected by CVE-2026-41208 via @paperclipai/server (>=2026.318.0-canary.0 <=2026.416.0-canary.1)

@paperclipai/server NPM version =2026.318.0-canary.0, =2026.324.0-canary.0, =2026.3.17-canary.3, =0.6.5, =0.6.6 Source cves: CVE-2026-41208 Source advisory: SNYK:JS-PAPERCLIPAISERVER-16323184...

CVE-2026-6643

ASUSTOR ADM VPN clients (ADM 4.1.0–4.3.3.RR42 and 5.0.0–5.1.2.REO1) are affected by CVE-2026-6643 due to a stack-based buffer overflow caused by unbounded sscanf() and passing user-controlled data to printf() in vpnupload.cgi (upload_wireguard). The vulnerability can lead to code execution as the...

PT-2026-33722

A stack-based buffer overflow vulnerability was found in the VPN Clients on the ADM. The issue stems from the use of unbounded sscanf and passing user-controlled data directly to printf. Due to the lack of PIE and Stack Canary protections, an authenticated remote attacker can exploit these to...

@agent-analytics/paperclip-live-analytics-plugin (>=0.1.1 <=0.1.11), @clawjedi/paperclip-plugin-chat (>=1.0.0 <=1.0.4) +16 more potentially affected by unknown CVE via @paperclipai/shared (>=2026.318.0-canary.0 <=2026.416.0-canary.1)

@paperclipai/shared NPM version =2026.318.0-canary.0, =0.1.1, =1.0.0, =0.0.1, =0.3.3, =0.1.0, =0.1.9, =2026.3.17-canary.0, =2026.3.17-canary.0, =2026.407.0-canary.5, =2026.3.17-canary.0, =2026.3.17-canary.2, =0.1.0, =2026.324.0-canary.0, =2026.325.0-canary.3 - corporateai =2026.328.0-canary.0 -...

@godmode-team/godmode (=1.6.1), @growthub/cli (>=0.3.1 <=0.3.44) +8 more potentially affected by unknown CVE via @paperclipai/server (>=0.2.7 <=2026.416.0-canary.1)

@paperclipai/server NPM version =0.2.7, =0.3.1, =0.1.45, =2026.324.0-canary.0, =0.0.2, =0.2.2, =0.6.5, =0.6.6 - solounicornclub =0.3.1 - stacy-cli =0.3.1 Source cves: unknown CVE Source advisory: OSV:GHSA-VR7G-88FQ-VHQ3...

@godmode-team/godmode (=1.6.1), @growthub/cli (>=0.3.1 <=0.3.44) +8 more potentially affected by unknown CVE via @paperclipai/server (>=0.2.7 <=2026.416.0-canary.1)

@paperclipai/server NPM version =0.2.7, =0.3.1, =0.1.45, =2026.324.0-canary.0, =0.0.2, =0.2.2, =0.6.5, =0.6.6 - solounicornclub =0.3.1 - stacy-cli =0.3.1 Source cves: unknown CVE Source advisory: OSV:GHSA-XFQJ-R5QW-8G4J...

@agent-analytics/paperclip-live-analytics-plugin (>=0.1.1 <=0.1.11), @clawjedi/paperclip-plugin-chat (>=1.0.0 <=1.0.4) +16 more potentially affected by unknown CVE via @paperclipai/shared (>=2026.318.0-canary.0 <=2026.416.0-canary.1)

@paperclipai/shared NPM version =2026.318.0-canary.0, =0.1.1, =1.0.0, =0.0.1, =0.3.3, =0.1.0, =0.1.9, =2026.3.17-canary.0, =2026.3.17-canary.0, =2026.407.0-canary.5, =2026.3.17-canary.0, =2026.3.17-canary.2, =0.1.0, =2026.324.0-canary.0, =2026.325.0-canary.3 - corporateai =2026.328.0-canary.0 -...