Malicious code in pull-goth-lsk (npm)

The package pull-goth-lsk was found to contain malicious code...

MAL-2025-30831 Malicious code in pull-goth-lsk (npm)

The package pull-goth-lsk was found to contain malicious code...

Researcher Spotlight: Cyber Viking Nate Warfield is Here to Help

“There are few jobs where I can say, I make two billion people more secure on the internet every single day.” Childhood Look: Goth kid, all in black Current Look: Cyber Viking Childhood hobby: Head banging to Metallica, Marilyn Manson, and Guns N’ Roses Current hobby: n0x08 DJ’s Live events aroun...

gitea -- multiple vulnerabilities

The Gitea Team reports for release 1.11.0: Never allow an empty password to validate 9682 9683 Prevent redirect to Host 9678 9679 Swagger hide search field 9554 Add "search" to reserved usernames 9063 Switch to fomantic-ui 9374 Only serve attachments when linked to issue/release and if accessible...

Insecure Number Generator

github.com/markbates/goth is vulnerable to insecure number generator. The SetState function in gothic.go uses math/rand which is a weak random number generator and not robust enough to withstand a cryptographic attack against it...