Why Tehran’s Two-Tiered Internet Is So Dangerous

Iran is slowly emerging from the most severe communications blackout in its history and one of the longest in the world. Triggered as part of January's government crackdown against citizen protests nationwide, the regime implemented an internet shutdown that transcends the standard definition of...

PT-2026-20516

MajorDoMo aka Major Domestic Module is vulnerable to unauthenticated remote code execution through supply chain compromise via update URL poisoning. The saverestore module exposes its admin method through the /objects/?module=saverestore endpoint without authentication because it uses gr'mode'...

Your passport, now on your iPhone. Helpful or risky?

Apple has launched Digital ID, a way for users in the US to create and present a government-issued ID in Apple Wallet using their passport information. For now, it works only for identity verification at Transportation Security Administration TSA checkpoints in more than 250 airports. Apple says...

MAL-2025-132873 Malicious code in domestic_kingfisher_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a44b86a614d819c5f4585cc067ac70bca6781441f1d9e5e4f4b6f58ea6e5d3a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-99745

Malicious code in domesticdogz3n npm...

EUVD-2025-99741

Malicious code in domesticstarfishz3n npm...

MAL-2025-125908 Malicious code in domestic_dog_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4501fe8863f1dcf898a779b1d69ed70639f2cc229b7946fe84de546af4df6728 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in domestic_starfish_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f7c5cc0457b67650706742c8c45c9de50517f4e9fda966501eff7a0114ca23a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-119549 Malicious code in domestic_aardwolf_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5f09408d9c27d9627014554e7e73102d5125b6979b034e4c4b9994e92138823 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-105754

Malicious code in domesticaardwolfz3n npm...

EUVD-2025-92433

Malicious code in domesticbugz3n npm...

EUVD-2025-74728

Malicious code in domestichippopotamusorange-67 npm...

EUVD-2025-79385

Malicious code in domesticcardinalz3n npm...

EUVD-2025-82171

Malicious code in domesticbear0xrequest npm...

EUVD-2025-82169

Malicious code in domestichoverflydumbs npm...

Malicious code in domestic_hoverfly_dumbs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c097201a2b65c4cb6e48607b942815e596aac8bb85e2e09f2336e632d755c8d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-72579

Malicious code in domesticcoraltoucan-29-tisubasah npm...

Malicious code in domestic_landfowl_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 116b2e7f6b7ef4162c4010ef2d349fb2f5b713a754cb205e2abcc572a0c934b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-64466

Malicious code in domesticanteaterz3n npm...

EUVD-2025-64461

Malicious code in domesticleechz3n npm...