Malicious code in 0x2ai-demo7x (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7e956073a7db6057e4d42af462dba0299152ca992c113d74c715e90574d0efb On npm install, scripts/postinstall.cjs copies the package's payload/ tree into the installer's project root process.env.INITCWD, placing...

SUSE CVE-2026-25121

apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, a path traversal vulnerability was discovered in apko's dirFS filesystem abstraction. An attacker who can supply a malicious APK package e.g., via a compromised or typosquatte...

CVE-2026-25121

apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, a path traversal vulnerability was discovered in apko's dirFS filesystem abstraction. An attacker who can supply a malicious APK package e.g., via a compromised or typosquatte...

apko 安全漏洞

Apko is an open-source OCI image builder based on APK. Versions of Apko from 0.14.8 to 1.1.1 contained security vulnerabilities. These vulnerabilities stemmed from a path traversal vulnerability in the dirFS file system abstraction layer, which could lead to the creation of directories or symboli...

EUVD-2016-3444

Malware in sbrugna...

How to install Root CA cert on the iOS 11 with Receiver 7.3 upgraded from 7.2

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. Install the Root CA cert manually after upgrading the iOS Receiver 7.3...

Apple Mac OSX 10.1.x - SoftwareUpdate Arbitrary Package Installation

source: https://www.securityfocus.com/bid/5176/info A vulnerability has been reported for MacOS X where an attacker may use SoftwareUpdate to install malicious software on the vulnerable system. SoftwareUpdate uses HTTP, without any authentication, to obtain updates from Apple. Any updated packag...