Malicious code in mylottery (npm)

The package mylottery was found to contain malicious code...

Malicious code in @leaffm/leaf-connect-naturisimo (npm)

The package @leaffm/leaf-connect-naturisimo was found to contain malicious code...

Malicious code in democbud (npm)

The package democbud was found to contain malicious code...

Malicious code in @zalastax/nolb-_tei (npm)

The package @zalastax/nolb-tei was found to contain malicious code...

Malicious code in equinox_k6hd3_hrmfw_zephyr (npm)

The package equinoxk6hd3hrmfwzephyr was found to contain malicious code...

Malicious code in xenon-kelp-lza221-project (npm)

The package xenon-kelp-lza221-project was found to contain malicious code...

Malicious code in dadang (npm)

The package dadang was found to contain malicious code...

Malicious code in file-alb-um-zip-new-mp3-35841-harbor-lights-hzhvw-aeyuch (npm)

The package file-alb-um-zip-new-mp3-35841-harbor-lights-hzhvw-aeyuch was found to contain malicious code...

Malicious code in project-lbhpb-ugli (npm)

The package project-lbhpb-ugli was found to contain malicious code...

Malicious code in quarry_ijaz5_4perg_kismet (npm)

The package quarryijaz54pergkismet was found to contain malicious code...

MAL-2025-23745 Malicious code in jest-sync-json-reporter (npm)

The package jest-sync-json-reporter was found to contain malicious code...

MAL-2025-29760 Malicious code in project-1qbjl-delta (npm)

The package project-1qbjl-delta was found to contain malicious code...

PT-2025-31848 · Anthropic · Filesystem Mcp Server +1

Name of the Vulnerable Software and Affected Versions: Claude affected versions not specified Description: The Claude code exhibits vulnerabilities related to path validation. The system is generally scoped to a current working directory and requests user consent when accessing unfamiliar files o...

CVE-2024-0261

A vulnerability has been found in Sentex FTPDMIN 0.96 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component RNFR Command Handler. The manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed t...

LLMs Unlock New Paths to Monetizing Exploits

We argue that Large language models LLMs will soon alter the economics of cyberattacks. Instead of attacking the most commonly used software and monetizing exploits by targeting the lowest common denominator among victims, LLMs enable adversaries to launch tailored attacks on a user-by-user basis...

UBUNTU-CVE-2024-47738

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't use rate mask for offchannel TX either Like the commit ab9177d83c04 "wifi: mac80211: don't use rate mask for scanning", ignore incorrect settings to avoid no supported rate warning reported by syzbot. The...

Exploit for Path Traversal in Jenkins

Jenkins File Read Vulnerability - CVE-2024-23897 !My Shop...

CVE-2024-21685

CVE-2024-21685 affects Atlassian Jira Core Data Center. Introduced in versions 9.4.0, 9.12.0, and 9.15.0, it is a high-severity information disclosure (CVSS v3.1 base 6.5/7.4 depending on vector). An unauthenticated attacker can view sensitive data with user interaction required. Remediation from...

CVE-2024-21685

This High severity Information Disclosure vulnerability was introduced in versions 9.4.0, 9.12.0, and 9.15.0 of Jira Core Data Center. This Information Disclosure vulnerability, with a CVSS Score of 7.4, allows an unauthenticated attacker to view sensitive information via an Information Disclosur...

CVE-2024-34130 Acrobat Android : OverSecured Finding : Access to arbitrary* content providers via insecure Intent configuration

Acrobat Mobile Sign Android versions 24.4.2.33155 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could exploit this vulnerability to access confidential information. Exploitation of this issue does not require user...