719 matches found
EUVD-2023-40738
Malicious code in bioql PyPI...
EUVD-2025-21536
Malicious code in bioql PyPI...
EUVD-2022-26698
Malicious code in bioql PyPI...
EUVD-2023-39622
Malicious code in bioql PyPI...
EUVD-2023-28885
Malicious code in bioql PyPI...
EUVD-2022-26806
Malicious code in bioql PyPI...
EUVD-2022-26807
Malicious code in bioql PyPI...
EUVD-2022-26809
Malicious code in bioql PyPI...
EUVD-2022-26808
Malicious code in bioql PyPI...
EUVD-2022-26805
Malicious code in bioql PyPI...
EUVD-2022-26810
Malicious code in bioql PyPI...
Finance.js 安全漏洞
Finance.js is a JavaScript library for financial calculations by Essam B. Individual Developer. A security vulnerability exists in Finance.js version 4.1.0, which stems from improper handling of the depth parameter of the IRR function and could lead to a denial of service attack...
CVE-2025-56572
CVE-2025-56572 affects finance.js v4.1.0 and describes a Denial of Service via the seekZero() parameter or IRR depth parameter. Root cause is improper handling of recursion/iteration limits, leading to excessive CPU usage and potential application stalls or crashes. Reported in multiple sources (...
CVE-2025-56572
An issue in finance.js v.4.1.0 allows a remote attacker to cause a denial of service via the seekZero parameter...
CVE-2025-56571
Finance.js v4.1.0 is affected by a DoS via the IRR() function (depth parameter) and via seekZero(), causing excessive CPU usage that can stall or crash applications. The root cause is improper handling of recursion/iteration limits. Exploitation status is not detailed in the provided documents. R...
Bitcoin continues to increase its institutional popularity
Not long ago, the mere idea that cryptocurrencies could ever be integrated into mainstream finance would have seemed…...
Watch Out for Salty2FA: New Phishing Kit Targeting US and EU Enterprises
Phishing-as-a-Service PhaaS platforms keep evolving, giving attackers faster and cheaper ways to break into corporate accounts. Now, researchers at ANY.RUN has uncovered a new entrant: Salty2FA , a phishing kit designed to bypass multiple two-factor authentication methods and slip past traditiona...
AI-Driven Trends in Endpoint Security: What the 2025 Gartner® Magic Quadrant™ Reveals
Cyber threats and attacks like ransomware continue to increase in volume and complexity with the endpoint typically being the most sought after and valued target. With the rapid expansion and adoption of AI, it is more critical than ever to ensure the endpoint is adequately secured by a platform...
Lazarus Group Expands Malware Arsenal With PondRAT, ThemeForestRAT, and RemotePE
The North Korea-linked threat actor known as the Lazarus Group has been attributed to a social engineering campaign that distributes three different pieces of cross-platform malware called PondRAT, ThemeForestRAT, and RemotePE. The attack, observed by NCC Group's Fox-IT in 2024, targeted an...
Malicious code in embedded-finance (npm)
The package embedded-finance was found to contain malicious code...