OpenClaw 安全漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from the direct embedding of long-term shared gateway credentials in the pairing setup code, which can be exploited by an attacker to recover and reuse credentials v...

Malicious code in @operato/shell (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 21ac476a02ea2559959f2fb9a0811fd56ee2380dfc7bd199f7731e350b5899ad Any computer that has this package installed or running should be considered fully compromised. All...

Malicious code in @art-ws/common (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a490c632daaee5b64f871466f63aae92473f9d088ce9c7d1c40cf9a7de5de0d3 Any computer that has this package installed or running should be considered fully compromised. All...

CVE-2025-30154

reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use reviewdog/action-setup@v...

CVE-2025-30154

reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use reviewdog/action-setup@v...

TCPDump / LIBPCap Trojan Horse Vulnerability

Description It has been announced that the server hosting tcpdump and libpcap, www.tcpdump.org, was compromised recently. It has been reported that the intruder made modifications to the source code of tcpdump and libpcap to include trojan horse code. Downloads of the source code of tcpdump and...