607 matches found
DataTables 安全漏洞
DataTables is an open source time plugin for jQuery by SpryMedia Limited. A security vulnerability exists in DataTables version 1.10.13 and earlier, which stems from the incorrect manipulation of the parameter src in the file /examples/resources/examples.php, which could lead to a path traversal...
io.github.linyxus:papiers-core_3 (=0.2.0), io.taig:taigless-storage-http4s-server_3 (=0.15.0) +3 more potentially affected by CVE-2025-59822 via org.http4s:http4s-ember-server_3 (>=1.0.0-M29 <=1.0.0-M44)
org.http4s:http4s-ember-server3 MAVEN version =1.0.0-M29, =0.1, =0.1, =0.9.0, =0.9.4 Source cves: CVE-2025-59822 Source advisory: SNYK:JAVA-ORGHTTP4S-13019550...
Faculty-Management-System-examples.php-v.1.0-Path-Traversal
Faculty-Management-Sys...
Malicious code in json-rules-engine-examples (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3c055e3188c933741c505c8cf3361cb2eea0557c98870f8b1b963fe27ae7a21a Any computer that has this package installed or running should be considered...
MAL-2025-46947 Malicious code in monolith-twirp-examples-octocat (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis fdfcf3942823c14a7ceea5d23cfca1c1e841ebcea1ba353a95e16d204a90bca4 The OpenSSF Package Analysis project identified 'monolith-twirp-examples-octocat' @ 1.0.1 rubygems as malicious. It is considered malicious...
Malicious code in monolith-twirp-examples-octocat (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis fdfcf3942823c14a7ceea5d23cfca1c1e841ebcea1ba353a95e16d204a90bca4 The OpenSSF Package Analysis project identified 'monolith-twirp-examples-octocat' @ 1.0.1 rubygems as malicious. It is considered malicious...
Malicious code in examples-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 518ba4bb1adf28c3721d2c8ff48d014ef14b3672e262a2f6eaa8acbe3a8f0823 The OpenSSF Package Analysis project identified 'examples-lib' @ 99.0.9 npm as malicious. It is considered malicious because: - The package...
MAL-2025-41288 Malicious code in examples-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 518ba4bb1adf28c3721d2c8ff48d014ef14b3672e262a2f6eaa8acbe3a8f0823 The OpenSSF Package Analysis project identified 'examples-lib' @ 99.0.9 npm as malicious. It is considered malicious because: - The package...
A Guide to Stakeholder Analysis for Cybersecurity Researchers
Stakeholder-based ethics analysis is now a formal requirement for submissions to top cybersecurity research venues. This requirement reflects a growing consensus that cybersecurity researchers must go beyond providing capabilities to anticipating and mitigating the potential harms thereof. Howeve...
Malicious code in sagemaker_examples (npm)
The package sagemakerexamples was found to contain malicious code...
MAL-2025-9266 Malicious code in @react-native-website/lint-examples (npm)
The package @react-native-website/lint-examples was found to contain malicious code...
MAL-2025-17333 Malicious code in com.microsoft.mixedreality.toolkit.examples (npm)
The package com.microsoft.mixedreality.toolkit.examples was found to contain malicious code...
Malicious code in cmf.mes.examples (npm)
The package cmf.mes.examples was found to contain malicious code...
MAL-2025-32622 Malicious code in sagemaker_examples (npm)
The package sagemakerexamples was found to contain malicious code...
Malicious code in confluent-examples-nodejs (npm)
The package confluent-examples-nodejs was found to contain malicious code...
MAL-2025-17220 Malicious code in cmf.mes.examples (npm)
The package cmf.mes.examples was found to contain malicious code...
MAL-2025-17485 Malicious code in confluent-examples-nodejs (npm)
The package confluent-examples-nodejs was found to contain malicious code...
curl: Insecure WebSocket Usage in curl Documentation and Examples (CWE-319: Cleartext Transmission of Sensitive Information)
The curl source repository contains official documentation and example code that demonstrate WebSocket connections using the insecure ws:// protocol instead of the secure wss://. This misleading guidance may encourage developers to implement cleartext WebSocket endpoints, exposing users and...
Evasive Ransomware Attacks Using Low-Level Behavioral Adversarial Examples
Protecting state-of-the-art AI-based cybersecurity defense systems from cyber attacks is crucial. Attackers create adversarial examples by adding small changes i.e., perturbations to the attack features to evade or fool the deep learning model. This paper introduces the concept of low-level...
That seemingly innocent text is probably a scam
A special thanks to all the people at Malwarebytes and ThreatDown for sharing the text messages they received from scammers. Many of us have received texts like these. Often super short, some flirty, some with a business tone, or sometimes just a simple ‘hello.’ You don't know the sender, and the...