GSD-2020-2021

creationtimestamp| type| source ---|---|--- 2026-04-15 02:43:43+00:00| seen| https://bsky.app/profile/installbasebot.bsky.social/post/3mjiurlrfns2k...

Malicious code in jurss-gsd-a2s (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a39557684f89e5e1c44e85cddab7fe0f42405eb40ff551f3811875a5c5e0d20 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in jurss-gsd-a1s (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2c932e4632f0a3c042ee8c06416badfc3bb7f80403f3aca6192592d04a88770 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in jurss-gsd-a7s (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c055f5945ebfe39f3677a31590051cf058af83a13fbc4c29a8572ce1658a844f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in jurss-gsd-a8as (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97339ad518880dd4f147b9a64b1d1d61fed2095c72d65068e9cddbf5859abc41 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-147469

Malicious code in turisna-gsd-11as npm...

Malicious code in gsd-common (npm)

The package gsd-common was found to contain malicious code...

MAL-2025-22010 Malicious code in gsd-common (npm)

The package gsd-common was found to contain malicious code...

CVE-2024-38394

Mismatches in interpreting USB authorization policy between GNOME Settings Daemon GSD through 46.0 and the Linux kernel's underlying device matching logic allow a physically proximate attacker to access some unintended Linux kernel USB functionality, such as USB device-specific kernel modules and...

gsd-db.net Cross Site Scripting vulnerability OBB-3381331

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

gsd-db.net Cross Site Scripting vulnerability OBB-3357768

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

GSD-2022-1000008 faker.js 6.6.6 is broken and the developer has wiped the original GitHub repo

faker.js had it's version updated to 6.6.6 in NPM which reports it as having 2,571 dependent packages that rely upon it and the GitHub repo has been wiped of content. This appears to have been done intentionally as the repo only has a single commit so it was likjely deleted, recreated and a singl...

Hackers' Op-Sec Failures Important Clues to Uncover APT Gangs

CANCUN – Sophistication, resourcefulness and ingenuity are characteristics usually associated with state-sponsored espionage hacker groups. But they’re certainly not infallible. Like most detective work, security analysts generally are able to toss back the covers on APT campaigns and major...

"Cyber China", from Operation Aurora to China Cyber Attacks Syndrome

"Cyber China", from Operation Aurora to China Cyber Attacks Syndrome Security Expert, from Security Affairs - Pierluigi Paganini takes us on a visit to China via The Hacker News January Edition Magazine Article and makes us wonder just how influential China's hacking is on world internet security...