Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011265)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011265 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: handle chunk tree lookup error in btrfsrelocatesyschunks The unhandled case in...

Windows File Shredder: When deleting a file isn’t enough

Most of us think deleting a file means it’s gone for good. But “delete” on a Windows device often just means “out of sight,” not necessarily “out of reach.” That’s where File Shredder, a new feature within Malwarebytes Tools for Windows, comes in. File Shredder lets you securely delete files from...

CVE-2026-0715

Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with physical access to the device could use this information to access the bootloader menu via a serial interface. Access to the bootloader menu do...

CVE-2025-14333

Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

CVE-2025-66287

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

EUVD-2025-117309

Malicious code in impossible-aquamarine-cattle npm...

Malicious code in impossible_shrew_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc87eee1fe4af1ea68cc59cbc102d7210c8587e47f2e3766516833c59656f11b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-98070

Malicious code in impossiblebirdz3n npm...

EUVD-2025-76596

Malicious code in impossiblegecko-smiletea npm...

EUVD-2025-76595

Malicious code in impossibleiguana-silentdev npm...

EUVD-2025-79054

Malicious code in impossiblestoatz3n npm...

EUVD-2025-81604

Malicious code in impossiblejunglefowl0xrequest npm...

MAL-2025-104010 Malicious code in impossible_bobolink_dumbs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 123f6c547ab2c53bc7f95b40d20933b6534d0da2006e53d53965dc5963cb2c8e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-81606

Malicious code in impossibleaardvark0xrequest npm...

EUVD-2025-71531

Malicious code in impossiblewallabyz3n npm...

EUVD-2025-71532

Malicious code in impossibleaardwolfz3n npm...

Malicious code in impossible_frog_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7f69a568e17c1d2e52f759fc3e3d646f2de293c3eee4a886e2eb1133a7e95b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-63601

Malicious code in impossiblefrogz3n npm...

EUVD-2025-85584

Malicious code in impossibleboarz3n npm...

EUVD-2025-53843

Malicious code in impossible-orange-rodent npm...