EUVD-2014-2411

Malware in sbrugna...

EUVD-2017-0154

Malware in sbrugna...

EUVD-2016-6964

Malware in sbrugna...

EUVD-2017-15003

Malware in sbrugna...

EUVD-2012-4145

Malware in sbrugna...

EUVD-2024-21132

Malicious code in bioql PyPI...

EUVD-2023-33019

Malicious code in bioql PyPI...

EUVD-2023-2255

Malicious code in bioql PyPI...

EUVD-2023-57862

Malicious code in bioql PyPI...

EUVD-2023-35154

Malicious code in bioql PyPI...

EUVD-2021-32196

Malicious code in bioql PyPI...

Security Bulletin: IBM Transformation Advisor is affected by multiple vulnerabilities found in Java, Node.js and IBM WebSphere Application Server Liberty

Summary There are multiple vulnerabilities in Java, Node.js and IBM WebSphere Application Server Liberty used by IBM Transformation Advisor. Vulnerability Details CVEID:CVE-2025-36047 DESCRIPTION: IBM WebSphere Application Server Liberty 18.0.0.2 through 25.0.0.8 is vulnerable to a denial of...

Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFixes for July 2025.

Summary Security vulnerabilities are addressed with IBM Business Automation Insights 24.0.1-IF004 and 24.0.0-IF006 Vulnerability Details CVEID:CVE-2025-27789 DESCRIPTION: Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and 8.0.0-alpha.17 t...

firefox security update

An update is available for firefox. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

ALSA-2025:12188 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Large branch table could lead to truncated instruction CVE-2025-8028 firefox: thunderbird: Memory safety bugs CVE-2025-8035 firefox: thunderbird: Incorrect URL stripping in CSP reports CVE-2025-80...

Block Attributes - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-090

This module allows you to define custom attributes for a block. You can specify an attribute name to be added to the block in a predefined format. The module does not sufficiently validate the provided attributes, which makes it possible to insert JavaScript event attributes such as onmouseover,...

Mozilla Firefox < 138.0.4

The version of Firefox installed on the remote Windows host is prior to 138.0.4. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-36 advisory. - An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes...

CVE-2025-31475 tarteaucitron.js allows prototype pollution via custom text injection

tarteaucitron.js is a compliant and accessible cookie banner. A vulnerability was identified in tarteaucitron.js prior to 1.20.1, where the addOrUpdate function, used for applying custom texts, did not properly validate input. This allowed an attacker with direct access to the site's source code ...

firefox security update

An update is available for firefox. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

GroupGreeting e-card site attacked in “zqxq” campaign

This article was researched and written by Stefan Dasic, manager, research and response forThreatDown, powered by Malwarebytes Malwarebytes recently uncovered a widespread cyberattack—referred to here as the “zqxq” campaign as it closely mirrors NDSW/NDSX-style malware behavior—that compromised...