Who Said CVE? How Vulnerability Identifiers Are Mentioned by Humans, Bots, and Agents in Pull Requests

Vulnerability identifiers such as CVE, CWE, and GHSA are standardised references to known software security issues, yet their use in practice is not well understood. This paper compares vulnerability ID use in GitHub pull requests authored by autonomous agents, bots, and human developers. Using t...

Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers

The North Korean threat actor known as Konni has been observed using PowerShell malware generated using artificial intelligence AI tools to target developers and engineering teams in the blockchain sector. The phishing campaign has targeted Japan, Australia, and India, highlighting the adversary'...

CVE-2026-1084

The Cookie consent for developers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple settings fields in all versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress Cookie consent for developers plugin <= 1.7.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Multiple Settings Fields vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via Multiple Settings Fields vulnerability discovered by 0x34rth in WordPress Plugin Cookie consent for developers versions = 1.7.1...

WordPress plugin: Cookie consent for developers – Cross-site scripting vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

GPT Academic Code Issues and Vulnerabilities

GPT Academic is an interface developed by binary-husky developers, designed to provide practical interactions for large language models like GPT/GLM. There are code vulnerabilities in GPT Academic; these vulnerabilities stem from the runinsubprocesswrapperfunc function, which lacks validation of...

From Extension to Infection: An In-Depth Analysis of the Evelyn Stealer Campaign Targeting Software Developers

This blog entry provides an in-depth analysis of the multistage delivery of the Evelyn information stealer, which was used in a campaign targeting software developers...

GitGuardian Closes 2025 with Strong Enterprise Momentum, Protecting Millions of Developers Worldwide

New York, NY, 14th January 2026, CyberNewsWire...

CVE-2020-12411

Mozilla developers reported memory safety bugs present in Firefox 76. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 77...

CVE-2025-23202

Bible Module is a tool designed for ROBLOX developers to integrate Bible functionality into their games. The FetchVerse and FetchPassage functions in the Bible Module are susceptible to injection attacks due to the absence of input validation. This vulnerability could allow an attacker to...

Italy Fines Apple €98.6 Million Over ATT Rules Limiting App Store Competition

Apple has been fined €98.6 million $116 million by Italy's antitrust authority after finding that the company's App Tracking Transparency ATT privacy framework restricted App Store competition. The Italian Competition Authority Autorità Garante della Concorrenza e del Mercato, or AGCM said the...

NK Hackers Push 200 Malicious npm Packages with OtterCookie Malware

North Korean hackers escalated the "Contagious Interview" attack, flooding the npm registry with over 200 malicious packages to install OtterCookie malware. This attack targets blockchain and Web3 developers through fake job interviews and coding tests...

Malicious Package

Overview chai-async is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package. Once...

AIS-catcher 安全漏洞

AIS-catcher is an AIS receiver from Jasper Personal Developers. A security vulnerability exists in AIS-catcher versions prior to 0.64, which stems from a heap buffer overflow in the AIS::Message class that could lead to arbitrary data writes...

AIS-catcher 数字错误漏洞

AIS-catcher is an AIS receiver from Jasper Personal Developers. A numeric error vulnerability exists in AIS-catcher versions prior to 0.64, which stems from an integer overflow in the MQTT parsing logic that could lead to a denial of service and memory corruption...

TOR Virtual Network Tunneling Tool 0.4.8.21

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow...

MAL-2025-191772 Malicious code in kdewebhelper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 da8701a407522875f63d2aaa28d27194fe8e2faa4d7782fd66639f224ae62dcd Importing the module connects to a Telegram bot and provides its operator with abilities to execute commands, exfiltrate and encrypt data. The target group see...

Apple macOS Sequoia Permission Issues Vulnerability

Apple macOS Sequoia is an operating system announced by Apple on June 10, 2024 at the WWDC24 developer conference. Apple macOS Sequoia suffers from a privilege issue vulnerability that can be exploited by an attacker to cause a malicious app to gain root privileges...

Malicious VSX Extension "SleepyDuck" Uses Ethereum to Keep Its Command Server Alive

Cybersecurity researchers have flagged a new malicious extension in the Open VSX registry that harbors a remote access trojan called SleepyDuck. According to Secure Annex's John Tuckner, the extension in question, juan-bianco.solidity-vlang version 0.0.7, was first published on October 31, 2025, ...

Russia Arrests Meduza Stealer Developers After Government Hack

Russia arrests developers of the notorious Meduza Stealer MaaS operation. Learn how the group's ‘fatal error’ led to the crackdown on domestic cybercrime...