Malicious code in turborepo-examples (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

MAL-2025-6774 Malicious code in turborepo-examples (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

Malicious Package

Overview paypal-examples-langchain is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

MAL-2025-6115 Malicious code in paypal-examples-langchain (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c8aabcced92aa935f39ef4e66942764d799e0d1ca4e87baffe59fd8fad22ac10 Any computer that has this package installed or running should be considered...

Malicious code in paypal-examples-langchain (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c8aabcced92aa935f39ef4e66942764d799e0d1ca4e87baffe59fd8fad22ac10 Any computer that has this package installed or running should be considered...

Malicious code in nf-graph-examples (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 68c85cb3b4e04f7e1368dde1be75808c76da67cc6c23f52ed008ac697722496a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-6187 Malicious code in nf-graph-examples (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 68c85cb3b4e04f7e1368dde1be75808c76da67cc6c23f52ed008ac697722496a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in realtime-examples-2w (npm)

The package communicates with a domain associated with malicious activity...

Temporal Unlearnable Examples: Preventing Personal Video Data from Unauthorized Exploitation by Object Tracking

With the rise of social media, vast amounts of user-uploaded videos e.g., YouTube are utilized as training data for Visual Object Tracking VOT. However, the VOT community has largely overlooked video data-privacy issues, as many private videos have been collected and used for training commercial...

Amplifying Machine Learning Attacks through Strategic Compositions

Machine learning ML models are proving to be vulnerable to a variety of attacks that allow the adversary to learn sensitive information, cause mispredictions, and more. While these attacks have been extensively studied, current research predominantly focuses on analyzing each attack type...

Exploit for OS Command Injection in Wago Compact_Controller_100_Firmware

CVE-2023-1698 CVE-2023-1698 exploit with golang how t...

org.apache.inlong:manager-client (>=1.3.0 <=2.1.0), org.apache.inlong:manager-client-examples (>=1.3.0 <=2.1.0) +2 more potentially affected by CVE-2025-27528 via org.apache.inlong:manager-pojo (>=1.13.0 <=2.1.0)

org.apache.inlong:manager-pojo MAVEN version =1.13.0, =1.3.0, =1.3.0, =1.3.0, =1.13.0, =2.1.0 Source cves: CVE-2025-27528 Source advisory: OSV:GHSA-98V7-XXXV-HCRH...

Django-Select2 Vulnerable to Widget Instance Secret Cache Key Leaking

Impact Instances of HeavySelect2Mixin subclasses like the ModelSelect2MultipleWidget and ModelSelect2Widget can secret access tokens across requests. This can allow users to access restricted querysets and restricted data. Patches The problem has been patched in version 8.4.1 and all following...

CVE-2022-36022

Deeplearning4J is a suite of tools for deploying and training deep learning models using the JVM. Packages org.deeplearning4j:dl4j-examples and org.deeplearning4j:platform-tests through version 1.0.0-M2.1 may use some unclaimed S3 buckets in tests in examples. This is likely affect people who use...

Malicious code in examples-formic (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 074e879e97761583a22531a3d4f917977ac387e40c36bc5eb35e3f4b367db196 The OpenSSF Package Analysis project identified 'examples-formic' @ 100.0.2 npm as malicious. It is considered malicious because: - The package...

MAL-2025-3951 Malicious code in examples-formic (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 074e879e97761583a22531a3d4f917977ac387e40c36bc5eb35e3f4b367db196 The OpenSSF Package Analysis project identified 'examples-formic' @ 100.0.2 npm as malicious. It is considered malicious because: - The package...

tomcat: Apache Tomcat: DoS in examples web application

A flaw was found in the "examples" web application of Apache Tomcat. Numerous examples within that application did not place limits on uploaded data. This vulnerability can potentially trigger an out-of-memory OOM error, leading to a denial of service...

Safety Analysis in the NGAC Model

We study the safety problem for the next-generation access control NGAC model. We show that under mild assumptions it is coNP-complete, and under further realistic assumptions we give an algorithm for the safety problem that significantly outperforms naive brute force search. We also show that...

Towards Model Resistant to Transferable Adversarial Examples Via Trigger Activation

Whitepaper called Towards Model Resistant To Transferable Adversarial Examples Via Trigger Activation...

Q-FAKER: Query-Free Hard Black-Box Attack Via Controlled Generation

Many adversarial attack approaches are proposed to verify the vulnerability of language models. However, they require numerous queries and the information on the target model. Even black-box attack methods also require the target model's output information. They are not applicable in real-world...