8 matches found
MAL-2025-12080 Malicious code in @zalastax/nolb-jsof (npm)
The package @zalastax/nolb-jsof was found to contain malicious code...
Malicious code in @zalastax/nolb-jsof (npm)
The package @zalastax/nolb-jsof was found to contain malicious code...
NAME:WRECK DNS Vulnerabilities
Cybersecurity researchers from Forescout and JSOF have released a report on a set of nine vulnerabilities—referred to as NAME:WRECK—affecting Domain Name System DNS implementations. NAME:WRECK affects at least four common TCP/IP stacks—FreeBSD, IPNet, NetX, and Nucleus NET—that are used in Intern...
[SECURITY] [DLA 2604-1] dnsmasq security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2604-1 [email protected] https://www.debian.org/lts/security/ March 22, 2021 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package...
Ripple20 Treck TCP/IP Stack Vulnerabilities
Treck IP stack implementations for embedded systems are affected by multiple vulnerabilities. This set of vulnerabilities was researched and reported by JSOF, who calls them Ripple20. A summary of JSOF’s research is here, along with a technical whitepaper. See the Rapid7 Analysis tab for further...
Trick or Treat! What We Can Learn from the Spookiest Vulnerabilities of the Year
Spooky season is in full swing, and we’re not just talking about Halloween. Security vulnerabilities can range from tiny errors to large-scale gaps in protection, and all have different consequences. We put together a list of some of the scariest vulnerabilities of the year the tricks! and the...
New Ripple20 Flaws Put Billions of Internet-Connected Devices at Risk of Hacking
The Department of Homeland Security and CISA ICS-CERT today issued a critical security advisory warning about over a dozen newly discovered vulnerabilities affecting billions of Internet-connected devices manufactured by many vendors across the globe. Dubbed "Ripple20," the set of 19...
Treck IP stacks contain multiple vulnerabilities
Overview Treck IP stack implementations for embedded systems are affected by multiple vulnerabilities. This set of vulnerabilities was researched and reported by JSOF, who calls them Ripple20. Description Treck IP network stack software is designed for and used in a variety of embedded systems. T...