Lucene search

39 matches found

The Hacker News
added 2026/02/18 7:40 a.m., 22 views

Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware

Notepad++ has released a security fix to plug gaps that were exploited by an advanced threat actor from China to hijack the software update mechanism to selectively deliver malware to targets of interest. The version 8.9.2 update incorporates what maintainer Don Ho calls a "double lock" design th...

CVSS 7.7, AI score 7.1, EPSS 0.09124
Exploits: 1
The Hacker News
added 2026/02/03 4:55 a.m., 14 views

Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

A China-linked threat actor known as Lotus Blossom has been attributed with medium confidence to the recently discovered compromise of the infrastructure hosting Notepad++. The attack enabled the state-sponsored hacking group to deliver a previously undocumented backdoor codenamed Chrysalis to...

AI score 6.5
Exploits: 0
HackRead
added 2026/02/02 5:24 p.m., 2 views

Notepad++ Updates Delivered Malware After Hosting Provider Breach

A months-long breach allowed Chinese State-sponsored hackers to hijack Notepad++ updates in 2025, exposing users to malware via a compromised hosting provider...

AI score 5.4
Exploits: 0
The Hacker News
added 2026/02/02 8:55 a.m., 14 views

Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users

The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility's update mechanism to redirect update traffic to malicious servers instead. "The attack involved an infrastructure-level compromise that allowed malicious actors to intercept and redirect update traffic...

AI score 5.9
Exploits: 0
The Hacker News
added 2025/06/20 9:36 a.m., 8 views

Massive 7.3 Tbps DDoS Attack Delivers 37.4 TB in 45 Seconds, Targeting Hosting Provider

Cloudflare on Thursday said it autonomously blocked the largest distributed denial-of-service (DDoS) attack ever recorded, which hit a peak of 7.3 terabits per second (Tbps). The attack, which was detected in mid-May 2025, targeted an unnamed hosting provider. "Hosting providers and critical Internet...

AI score 7.7
Exploits: 0
CNNVD
added 2025/01/03 12:00 a.m., 3 views

Next.js Security Vulnerability

Next.js is a React framework open-sourced by Vercel. Next.js suffers from a security vulnerability that stems from susceptibility to a denial-of-service (DoS) attack, where an attacker can construct a request that leaves the server in a hung state until the hosting provider cancels the...

CVSS 5.3, AI score 6.5, EPSS 0.00424
Exploits: 0, References: 2
The Hacker News
added 2024/10/15 4:56 a.m., 15 views

WordPress Plugin Jetpack Patches Major Vulnerability Affecting 27 Million Sites

The maintainers of the Jetpack WordPress plugin have released a security update to remediate a critical vulnerability that could allow logged-in users to access forms submitted by others on a site. Jetpack, owned by WordPress maker Automattic, is an all-in-one plugin that offers a comprehensive...

AI score 7
Exploits: 0
Veracode
added 2024/05/29 7:34 a.m., 27 views

Command Injection

llamaindex is vulnerable to a Command Injection. The vulnerability is due to unsafe usage of the eval function, allowing a malicious or compromised LLM hosting provider to execute arbitrary commands on the client's machine...

CVSS 8.8, AI score 7.7, EPSS 0.01615
Exploits: 1, References: 2, Affected Software: 1
OSV
added 2024/05/16 9:33 a.m., 24 views

GHSA-PW38-XV9X-H8CH RunGptLLM class in LlamaIndex has a command injection

A command injection vulnerability exists in the RunGptLLM class of the llamaindex library, version 0.9.47, used by the RunGpt framework from JinaAI to connect to Language Learning Models (LLMs). The vulnerability arises from the improper use of the eval function, allowing a malicious or compromised...

CVSS 8.8, AI score 9, EPSS 0.01615
Exploits: 1, References: 4
Github Security Blog
added 2024/05/16 9:33 a.m., 65 views

RunGptLLM class in LlamaIndex has a command injection

A command injection vulnerability exists in the RunGptLLM class of the llamaindex library, version 0.9.47, used by the RunGpt framework from JinaAI to connect to Language Learning Models (LLMs). The vulnerability arises from the improper use of the eval function, allowing a malicious or compromised...

CVSS 8.8, AI score 8, EPSS 0.01615
Exploits: 1, References: 4, Affected Software: 2
NVD
added 2024/05/16 9:15 a.m., 20 views

CVE-2024-4181

A command injection vulnerability exists in the RunGptLLM class of the llamaindex library, version 0.9.47, used by the RunGpt framework from JinaAI to connect to Language Learning Models (LLMs). The vulnerability arises from the improper use of the eval function, allowing a malicious or compromised...

CVSS 8.8, AI score 9.1, EPSS 0.01615
Exploits: 1, References: 2
Vulnrichment
added 2024/05/16 9:03 a.m., 22 views

CVE-2024-4181 Command Injection in run-llama/llama_index

A command injection vulnerability exists in the RunGptLLM class of the llamaindex library, version 0.9.47, used by the RunGpt framework from JinaAI to connect to Language Learning Models (LLMs). The vulnerability arises from the improper use of the eval function, allowing a malicious or compromised...

CVSS 8.8, AI score 8, EPSS 0.01615
Exploits: 1, References: 2
Cvelist
added 2024/05/16 9:03 a.m., 30 views

CVE-2024-4181 Command Injection in run-llama/llama_index

A command injection vulnerability exists in the RunGptLLM class of the llamaindex library, version 0.9.47, used by the RunGpt framework from JinaAI to connect to Language Learning Models (LLMs). The vulnerability arises from the improper use of the eval function, allowing a malicious or compromised...

CVSS 8.8, AI score 9.2, EPSS 0.01615
Exploits: 1, References: 2
CVE
added 2024/05/16 9:03 a.m., 74 views

CVE-2024-4181

The CVE-2024-4181 issue affects llama_index (RunGptLLM class) version 0.9.47 used by RunGpt framework to connect to LLMs. Root cause: unsafe use of eval enabling a malicious or compromised LLM hosting provider to run arbitrary commands on a client machine. Impact statements in sources indicate th...

CVSS 8.8, AI score 7.9, EPSS 0.01615
Exploits: 1, References: 2, Affected Software: 1
CNNVD
added 2024/05/16 12:00 a.m., 1 view

LlamaIndex Code Injection Vulnerability

LlamaIndex is a data framework for LLM applications by the individual developer Jerry Liu. A code injection vulnerability exists in LlamaIndex version 0.9.47, which stems from improper use of the eval function and allows a malicious or compromised LLM hosting provider to execute arbitrary command...

CVSS 8.8, AI score 8.1, EPSS 0.01615
Exploits: 1, References: 3
Cvelist
added 2023/07/07 8:17 p.m., 17 views

CVE-2023-37262 CC: Tweaked SSRF to Cloud Services Metadata Services not Blocked by Default

CC: Tweaked is a mod for Minecraft which adds programmable computers, turtles, and more to the game. Prior to versions 1.20.1-1.106.0, 1.19.4-1.106.0, 1.19.2-1.101.3, 1.18.2-1.101.3, and 1.16.5-1.101.3, if the cc-tweaked plugin is running on a Minecraft server hosted on a popular cloud hosting...

CVSS 9.6, AI score 9.6, EPSS 0.0045
Exploits: 0, References: 5
CVE
added 2023/07/07 8:17 p.m., 2515 views

CVE-2023-37261

OpenComputers is affected by CVE-2023-37261. The issue affects OpenComputers versions 1.2.0 through 1.8.3 in default configurations where the Internet Card is enabled. The root cause is that metadata-service endpoints used by cloud providers (e.g., AWS, GCP, Azure) are not properly blocked, enabl...

CVSS 9.6, AI score 9.1, EPSS 0.00214
Exploits: 0, References: 7, Affected Software: 1
Krebs on Security
added 2022/07/15 7:43 p.m., 23 views

Why 8kun Went Offline During the January 6 Hearings

The latest Jan. 6 committee hearing on Tuesday examined the role of conspiracy theory communities like 8kun.top and TheDonald.win in helping to organize and galvanize supporters who responded to former President Trump's invitation to "be wild" in Washington, D.C. on that chaotic day. At the same...

AI score 1.1
Exploits: 0
Github Security Blog
added 2022/03/16 12:00 a.m., 55 views

openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificates

The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a...

CVSS 7.5, AI score 7.7, EPSS 0.07539
Exploits: 2, References: 38, Affected Software: 1
Wordfence Blog
added 2022/03/01 11:21 p.m., 16 views

Ukraine Universities Hacked As Russian Invasion Started

Note: This article has been updated to reflect that the hosting provider "Njalla", which routed the malicious traffic involved in this attack, is based in Sweden, not in Finland, although IP geolocation data indicates that the specific server that the traffic transited may be based in Finland. We...

AI score 0.9
Exploits: 0