Malicious code in socket-first-level-dep-1 (npm)

The package socket-first-level-dep-1 was found to contain malicious code...

Malicious code in my-first-addon (npm)

The package my-first-addon was found to contain malicious code...

MAL-2025-37964 Malicious code in used-first-in-postinstall-script-dotslashed (npm)

The package used-first-in-postinstall-script-dotslashed was found to contain malicious code...

Malicious code in first-val (npm)

The package first-val was found to contain malicious code...

Malicious code in test-mlw2-first-leady (npm)

The package test-mlw2-first-leady was found to contain malicious code...

Malicious code in idelfonso-first-npm (npm)

The package idelfonso-first-npm was found to contain malicious code...

MAL-2025-34390 Malicious code in tailwindcss-first-line (npm)

The package tailwindcss-first-line was found to contain malicious code...

MAL-2025-34785 Malicious code in test-mlw1-first-leady (npm)

The package test-mlw1-first-leady was found to contain malicious code...

MAL-2025-20604 Malicious code in first-val (npm)

The package first-val was found to contain malicious code...

MAL-2025-6994 Malicious code in 21st-angular (npm)

The package 21st-angular was found to contain malicious code...

MAL-2025-22963 Malicious code in idelfonso-first-npm (npm)

The package idelfonso-first-npm was found to contain malicious code...

MAL-2025-33591 Malicious code in socket-first-level-dep-1 (npm)

The package socket-first-level-dep-1 was found to contain malicious code...

Malicious code in @malware-test-first-leady/test-mlw3-first-leady (npm)

The package @malware-test-first-leady/test-mlw3-first-leady was found to contain malicious code...

Malicious code in test-mlw1-first-leady (npm)

The package test-mlw1-first-leady was found to contain malicious code...

AI Applications in Cybersecurity

There is a really great series of online events highlighting cool uses of AI in cybersecurity, titled Prompt||GTFO. Videos from the first three events are online. And here's where to register to attend, or participate, in the fourth. Some really great stuff here...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the first display label field in the configuration of a custom sort widget. An attacker can execute arbitrary JavaScript code in the context of the user's browser by injecting a malicious payload that is...

GHSA-M5C7-5GV3-HCPF Liferay Portal 7.4.0 and Liferay DXP have a reflected cross-site scripting (XSS) vulnerability

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA through update 92 allows...

Liferay Portal 7.4.0 and Liferay DXP have a reflected cross-site scripting (XSS) vulnerability

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA through update 92 allows...

CVE-2025-43734

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA through update 92 allows...

CVE-2025-43734

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA through update 92 allows...