GHSA-C9J4-9M59-847W

creationtimestamp| type| source ---|---|--- 2026-05-20 19:07:38+00:00| seen| https://github.blog/security/investigating-unauthorized-access-to-githubs-internal-repositories/ 2026-05-21 10:45:20+00:00| seen| https://bsky.app/profile/tech-trending.bsky.social/post/3mmeahvo27p2m 2026-05-21...

EUVD-2026-29875

Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, an adversary with knowledge of an investigation ID, could update the metadata of an investigation of another user. This vulnerability is fixed in 1.2.3...

Malicious code in chai-extensions-extra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08c4557ac7891cf67170afbc45eeafdc6e59cede3471c194636ecd8d80e570d3 The package chai-extensions-extra was found to contain malicious code...

`polymarkets-rs-clob-client` was removed from crates.io for malicious code

This is part of an ongoing campaign to attempt to typosquat crates in the polymarket-client-sdk ecosystem to exfiltrate user credentials. The malicious crate had 1 version published on 2026-02-19 approximately 20 hours before removal and had no evidence of actual downloads. There were no crates...

RUSTSEC-2026-0017 `clob-sdk` was removed from crates.io for malicious code

This is part of an ongoing campaign to attempt to typosquat crates in the polymarket-client-sdk ecosystem to exfiltrate user credentials. The malicious crate had 1 version published on 2026-02-20 approximately 4 hours before removal and had no evidence of actual downloads. There were no crates...

CVE-2025-20393

A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges. This vulnerability is due...

CVE-2025-20393

CVE-2025-20393 affects Cisco AsyncOS Software on Cisco Secure Email Gateway (SEG) and Cisco Secure Email and Web Manager (SEWM) appliances. The vulnerability stems from improper input validation in the Spam Quarantine feature, allowing unauthenticated remote attackers to execute arbitrary command...

PT-2025-51842

Name of the Vulnerable Software and Affected Versions Cisco AsyncOS versions prior to the fix for CVE-2025-20393 Cisco Secure Email Gateway SEG versions prior to the fix for CVE-2025-20393 Cisco Secure Email and Web Manager SEWM versions prior to the fix for CVE-2025-20393 Description Cisco Async...

"Mailbox is not fully configured" Error During Exchange Backup

Challenge A backup job may fail when processing Archive Mailbox objects with the following error: Processing archive mailbox: [email protected] failed with error: Mailbox is not fully configured. Solution This issue was resolved in Veeam Backup for Microsoft 365 8.2 P20251031 build...

EUVD-2022-7756

Malicious code in bioql PyPI...

EUVD-2022-27768

Malicious code in bioql PyPI...

EUVD-2022-7110

Malicious code in bioql PyPI...

EUVD-2021-7747

Malicious code in bioql PyPI...

CVE-2025-52089

creationtimestamp| type| source ---|---|--- 2025-07-17 21:02:37+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lu6tdmzivy2x 2026-03-12 21:02:39+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mgvcd3vznm27...

GHSA-2F88-5HG8-9X2X

creationtimestamp| type| source ---|---|--- 2025-07-16 03:28:42+00:00| seen| https://gist.github.com/safer-bot/685bc6d74a8ba9535ec0a502d8e83d05 2025-07-16 03:44:39+00:00| seen| https://gist.github.com/safer-bot/a2f85bb3abd40ab169cfae05635f3231 2025-07-16 05:45:14+00:00| seen|...

Qantas: Breach affects 6 million people, “significant” amount of data likely taken

Australia's largest airline Qantas has confirmed that cybercriminals have gained access to a third party customer servicing platform that contained 6 million customer service records. Qantas says the breach occurred after a cybercriminal targeted a call centre and managed to gain access to the...

GHSA-XQ5X-WGCM-3P33

creationtimestamp| type| source ---|---|--- 2025-06-18 22:41:02+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18814 2025-06-18 22:53:06+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114706821031041429 2025-06-18 23:00:49+00:00| published-proof-of-concept|...

Senators Warn the Pentagon: Get a Handle on China’s Telecom Hacking

In a letter to the Department of Defense, senators Ron Wyden and Eric Schmitt are calling for an investigation into fallout from the Salt Typhoon espionage campaign...

She Was a Russian Socialite and Influencer. Cops Say She’s a Crypto Laundering Kingpin

Western authorities say they’ve identified a network that found a new way to clean drug gangs’ dirty cash. WIRED gained exclusive access to the investigation...

UNC5820 Exploits FortiManager Zero-Day Vulnerability (CVE-2024-47575)

Fortinet and Mandiant investigated the mass exploitation of FortiManager devices via CVE-2024-47575, impacting 50+ systems across industries. Threat…...