Malicious Package

Overview iv-bloomfilter is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Risk Models As Mediating Artifacts: A Postphenomenological Analysis of the CIIM Framework in Cybersecurity Practice

This article applies postphenomenological theory to the field of cybersecurity risk management, arguing that formal risk models function as mediating artifacts that shape how security practitioners or analysts perceive, interpret, and act on threats. Based on Don Ihde's taxonomy on human-technolo...

MiracleLinux 9 : iperf3-3.9-10.el9.ML.1 (AXSA:2023-6343:03)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-6343:03 advisory. iperf3: memory allocation hazard and crash CVE-2023-38403 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 7 : iperf3-3.1.7-3.el7 (AXSA:2023-6275:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-6275:01 advisory. iperf3: memory allocation hazard and crash CVE-2023-38403 CVEs: CVE-2023-38403 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : iperf3-3.5-7.el8.ML.1 (AXSA:2023-6327:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-6327:02 advisory. iperf3: memory allocation hazard and crash CVE-2023-38403 Tenable has extracted the preceding description block directly from the MiracleLinux security...

Abusing the Internet of Medical Things: Evaluating Threat Models and Forensic Readiness for Multi-Vector Attacks on Connected Healthcare Devices

Individuals experiencing interpersonal violence IPV, who depend on medical devices, represent a uniquely vulnerable population as healthcare technologies become increasingly connected. Despite rapid growth in MedTech innovation and "health-at-home" ecosystems, the intersection of MedTech...

Malicious code in putri-rawon47-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1bf74145d1a4483f9335764e3185e6220826eee91e2109edb078d42e6e735d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in umi-soto86-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd3b28412d5cf7f2933a32d0b8f97329a3cbfcf681b39d90440795e0f71dbd5e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2017-7563

Malware in sbrugna...

Seeing Is Deceiving: Mirror-Based LiDAR Spoofing for Autonomous Vehicle Deception

Autonomous vehicles AVs rely heavily on LiDAR sensors for accurate 3D perception. We show a novel class of low-cost, passive LiDAR spoofing attacks that exploit mirror-like surfaces to inject or remove objects from an AV's perception. Using planar mirrors to redirect LiDAR beams, these attacks...

Malicious code in @zalastax/nolb-glg (npm)

The package @zalastax/nolb-glg was found to contain malicious code...

Malicious code in test-mlw2-rondo-yucky (npm)

The package test-mlw2-rondo-yucky was found to contain malicious code...

Malicious code in pisomky (npm)

The package pisomky was found to contain malicious code...

CVE-2025-6426

The executable file warning did not warn users before opening files with the terminal extension. This bug only affects Firefox for macOS. Other versions of Firefox are unaffected.. This vulnerability was fixed in Firefox 140, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12...

CISA: Weather Hazard Preparedness

System About Files News Vote Help | Services API Advertise Contact | Account Join Login ---|---|---...

GHSA-9J3M-FR7Q-JXFW Beego has Collision Hazards of MD5 in Cache Key Filenames

In the context of using MD5 to generate filenames for cache keys, there are significant collision hazards that need to be considered. MD5, or Message Digest Algorithm 5, is a widely known cryptographic hash function that produces a 128-bit hash value. However, MD5 is no longer considered secure...

Malicious code in hazard (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-5199 Malicious code in hazard (PyPI)

--- -= Per source details. Do not edit below this line.=-...

bpp-iplweb (>=202304.1100.0 <=202504.1174.0), django-saas-email (>=0.1.21 <=0.1.29) +8 more potentially affected by CVE-2024-38356 via django-tinymce (>=1.5.1b4 <=3.7.1)

django-tinymce PYPI version =1.5.1b4, =202304.1100.0, =0.1.21, =0.8.0, =3.3.3, =0.6.0, =0.1.3.2, =1.0.0b1, =0.3.0, =0.5.2 - zinnia-wysiwyg-tinymce =1.4.0 Source cves: CVE-2024-38356 Source advisory: OSV:GHSA-9HCV-J9PV-QMPH...

bpp-iplweb (>=202304.1100.0 <=202504.1174.0), django-saas-email (>=0.1.21 <=0.1.29) +8 more potentially affected by CVE-2024-38357 via django-tinymce (>=1.5.1b4 <=3.7.1)

django-tinymce PYPI version =1.5.1b4, =202304.1100.0, =0.1.21, =0.8.0, =3.3.3, =0.6.0, =0.1.3.2, =1.0.0b1, =0.3.0, =0.5.2 - zinnia-wysiwyg-tinymce =1.4.0 Source cves: CVE-2024-38357 Source advisory: OSV:GHSA-W9JX-4G6G-RP7X...