EUVD-2011-4616

Malware in sbrugna...

EUVD-2023-25730

Malicious code in bioql PyPI...

CVE-2025-33136

CVE-2025-33136 affects IBM Aspera Faspex 5 (versions 5.0.0–5.0.12). The issue is due to improper protection of assumed immutable data (MAID), enabling an authenticated user to obtain sensitive information or perform unauthorized actions on behalf of another user. According to IBM’s advisory, reme...

Insights from the field:  Key Findings from the ICIT report on Government Cloud Security

Wiz partnered with the Institute for Critical Infrastructure Technology ICIT publishing a report around findings from a survey given to federal and state agencies, highlighting the growing importance of cloud and AI technologies, and concerns around available resources and data protections...

DeepSeek found to be sharing user data with TikTok parent company ByteDance

A couple of weeks ago we reported on the concerns surrounding data collection and security at DeepSeek, the Chinese AI company which recently made headlines for shaking up the industry after seemingly appearing from nowhere to become top of the app download charts. Now South Korea’s Personal...

PT-2024-41143 · 7 Zip · 7-Zip

Name of the Vulnerable Software and Affected Versions: 7-Zip affected versions not specified Description: The issue is related to a flaw in the Mark-of-the-Web protection mechanism of 7-Zip, which can lead to data protection violations. Exploitation of this issue may allow an attacker to execute...

CVE-2021-32934 ThroughTek P2P SDK - Cleartext Transmission of Sensitive Information

The affected ThroughTek P2P products SDKs using versions before 3.1.5, any versions with nossl tag, device firmware not using AuthKey for IOTC conneciton, firmware using AVAPI module without enabling DTLS mechanism, and firmware using P2PTunnel or RDT module do not sufficiently protect data...