Lucene search
K

73 matches found

GithubExploit
GithubExploit
added yesterday23 views

exploit-validator

$repo Production-grade offensive security tool for Purpose...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/26 12:0 a.m.5 views

A Surveillance Evasion Game with Continuous Sensor Redeployment Via Bilevel Optimization

Uncrewed Aerial Systems UASs have become a growing threat to the security of critical infrastructure, exploiting spatiotemporal gaps in sensor perimeters to infiltrate restricted airspace undetected. We formulate this interaction as a two-player zero-sum differential game between an adversarial U...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/19 12:0 a.m.5 views

MAL-2026-4013 Malicious code in @antv/gi-mock-data (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/05/19 12:0 a.m.1 views

MAL-2026-4140 Malicious code in jest-less-loader (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSV
OSV
added 2026/05/19 12:0 a.m.4 views

MAL-2026-4074 Malicious code in @antv/narrative-text-vis (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.7 views

Malicious code in @antv/stat (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.6 views

Malicious code in @antv/mcp-server-antv (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.8 views

Malicious code in @antv/data-wizard (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/05/19 12:0 a.m.3 views

MAL-2026-4014 Malicious code in @antv/gi-public-data (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
Wolfi
Wolfi
added 2026/05/12 7:48 a.m.6 views

GHSA-389R-GV7P-R3RP vulnerabilities

Vulnerabilities for packages: wolfictl, gitsign, kaniko, witness, kubescape, trufflehog, flux-source-controller, pulumi-kubernetes-operator, nuclei, pulumi-language-java, dagger, zot, gptscript, k9s, rancher-fleet, kubevela, trivy, act, gitaly, scorecard, steampipe, cerbos, kargo, pulumi,...

5.4AI score
Exploits0
Snyk
Snyk
added 2026/05/11 9:0 p.m.4 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS5.8AI score0.17051EPSS
Exploits3References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.6 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.17051EPSS
Exploits3References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.5 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.17051EPSS
Exploits3References2
GithubExploit
GithubExploit
added 2026/05/10 1:39 a.m.125 views

Dark-Moon

The Open-Source AI-...

6.1AI score
Exploits0
NVD
NVD
added 2026/03/11 5:16 p.m.1 views

CVE-2025-12555

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that, under certain conditions, could have allowed an authenticated user to access previous pipeline job information on projects with repository and CI/CD...

4.3CVSS0.00019EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/03/11 4:7 p.m.4 views

CVE-2025-12555

Removed by vendor...

4.3CVSS5.8AI score0.00019EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.3 views

PT-2026-24721

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that, under certain conditions, could have allowed an authenticated user to access previous pipeline job information on projects with repository and CI/CD...

4.3CVSS5.8AI score0.00019EPSS
Exploits0References6
Chainguard
Chainguard
added 2026/03/10 1:17 p.m.2 views

CVE-2026-27139 vulnerabilities

Vulnerabilities for packages: gitlab-kas, jaeger-operator-fips, ctop, minio-fips, nats-top, vault-k8s-fips, boring-registry-fips, kubernetes-dashboard-metrics-scraper, flannel-fips, cert-exporter, mods, promxy, kubernetes-csi-external-provisioner-fips, terraform-provider-databricks-fips, nri-mysq...

2.5CVSS7.5AI score0.00007EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/03/07 7:30 a.m.101 views

prima-incident-response-security-poc

DevOps Security Pipeline POC A security-integrated CI/CD pipe...

5.8AI score
Exploits0
HackRead
HackRead
added 2026/02/10 8:50 p.m.5 views

Best Tools for Test Data Management to Accelerate QA Teams in 2026

Test Data Management tools for 2026 ranked for QA and DevOps teams, comparing speed, self service, masking, CI/CD fit, and enterprise readiness...

5.4AI score
Exploits0
Rows per page
Query Builder