Acoustic Side-Channel Attacks on a Computer Mouse

Acoustic Side-Channel Attacks ASCAs extract sensitive information by using audio emitted from a computing devices and their peripherals. Attacks targeting keyboards are popular and have been explored in the literature. However, similar attacks targeting other human interface peripherals, such as...

MAL-2025-3714 Malicious code in crisp-import-conversations (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 695e694069b00b1d669921e34a38537e57d625a52cebab80f5ae8af1221b8377 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-4226

A vulnerability classified as critical has been found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0. This affects an unknown part of the file /add-computer.php. The manipulation of the argument compname/comploc leads to sql injection. It is possible to initiate the attack remotely. The...

PHPGurukul Cyber Cafe Management System SQL注入漏洞

Cyber Cafe Management System is an internet cafe management system. Cyber Cafe Management System suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter compname/comploc in the file add-computer.php resulting in SQL injection. No details of the...

Malicious code in swap-subgraph (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bc32db990bb425f3c32c2f312da5d2e3315f210e4aa1cc342f3df5c3827f6fe5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3582 Malicious code in passkeys-integration (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 10656f77a1b38bf858443c5f4372da8b3a88fc8685d6750ebb92f8b6d6ecde2b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3581 Malicious code in next-log-patcher (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dfce41719d550a7097080921b8d71c939042745806269bbd66ba0e2033dee574 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3567 Malicious code in array-length-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1eeb8fbe13dcffd2d78c2677d8add867f32dd32725416d8f2f71ff2df0ba6f62 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3568 Malicious code in expi-session (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e0a80c852d048afe990e5644658ba661fb205972c1aa8f4b074ee3f9c7530d0a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-45956

A SQL injection vulnerability in managedamage.php in Sourcecodester Computer Laboratory Management System v1.0 allows an authenticated attacker to execute arbitrary SQL commands via the "id" parameter...

Malicious code in managethis (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c683dca54122fc6e6b92b5c4b1b65e4fdb4accc582812cd422e28002c5166946 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3558 Malicious code in ts-39-issue-ts-ignore-tsx (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c02d4a8f90b9a988e36249fe6014a9902821ad4c16a9857ab195189a26757624 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3550 Malicious code in easyship-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb88996af76273910ad50c925b80398cf3500db0b334d4785f6d3d3f415a3b51 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3556 Malicious code in passports-twitter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ed2e22762097011eaacc32402595cb2ee0cc37014af41523745f7fd75f14f32 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3553 Malicious code in internal-payroll-lib-v3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7f2f9ac4669489d305522859900c9fc0c92c656de17f018f9369aee637348083 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3547 Malicious code in carcandofilex (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d04f8661d47623c323ee795cb954afb6a58fcaaae0b911beb0f6752004996496 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3545 Malicious code in basstiontrestbeesk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4b8881eb059c7180bd2dbd7b6d31f02a7d5afc3da2401f20cf1669e23e80bdd8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3546 Malicious code in blur-plugins (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 546086c9d282770ea8502cf0f8216b1108513a9a88261a4f447bd8ec95a09b0d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Digital rampage saw ex-Disney employee remove nut allergy info from menus, dox co-workers, and more

A former Disney employee, Michael Scheuer, will serve three years in prison for computer fraud and aggravated identity theft after a digital sabotage campaign against his ex-employer. In addition to his sentence, he must pay nearly US$688,000 in restitution. Scheuer, a former menu production...

MAL-2025-3529 Malicious code in multicogs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4f85a167740adb72f8d007b2b4adaaa8b7f08b2b5626f394606d41c79afaed4e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...