Malicious code in @emcd-vue/auth (npm)

Part of a coordinated multi-package supply-chain attack impersonating EMCD emcd.io, a legitimate Russian cryptocurrency exchange and mining pool. The attacker registered the @emcd-vue npm scope to pose as an internal Vue.js front-end tooling package from "EMCD Platform Engineering." The package...

Malicious code in @t-in-one/application_id_storage_key_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

PT-2026-45035

Summary BoxLite is a sandbox service that allows users to create lightweight virtual machines Boxes and run OCI containers within them. BoxLite allows users to configure a timeout for services running inside the virtual machine. When the timeout is triggered, BoxLite sends a signal to kill the...

MAL-2026-5044 Malicious code in @t-in-one/restore_application_hid_from_storage (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Malicious code in @t-in-one/form_product_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Malicious code in @t-in-one/safe_local_storage_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

MAL-2026-5039 Malicious code in @t-in-one/get_application_hid (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

UBUNTU-CVE-2026-46223

In the Linux kernel, the following vulnerability has been resolved: cgroup: Defer css percpuref kill on rmdir until cgroup is depopulated A chain of commits going back to v7.0 reworked rmdir to satisfy the controller invariant that a subsystem's -cssoffline must not run while tasks are still doin...

CVE-2026-46223

CVE-2026-46223 (Linux kernel) affects the cgroups subsystem. The vulnerability description notes that a chain of commits (v7.0 onward) reworked rmdir to satisfy the invariant that ->css_offline() must not run while tasks still run in the cgroup. The fix defers percpu_ref kill for css until the...

SUSE CVE-2026-46073

In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Fix missing usbkillurb on signal interrupt waitforcompletioninterruptibletimeout returns -ERESTARTSYS when interrupted. This needs to abort the URB and return an error. No data has been received from the device so a...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient kill delay during the rmdir operation in cgroups, potentially leading to race...

EUVD-2026-32456

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix memory leaks on probe failures Make sure to deregister the controller, disable pins, and kill and free the RX URB on probe failures to mirror disconnect and avoid memory leaks and use-after-free. Also add an...

CVE-2026-46073

In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Fix missing usbkillurb on signal interrupt waitforcompletioninterruptibletimeout returns -ERESTARTSYS when interrupted. This needs to abort the URB and return an error. No data has been received from the device so a...

CVE-2026-46073

hwmon: powerz Fix missing usbkillurb on signal interrupt...

Malicious code in pywingui (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6db77876bf3b13e55750748761841f7ab77f17bd951bdc1c749e1e56d4416d7e pywingui 6.0.1 advertises itself as a Win32 UI automation framework but ships only Nuitka-compiled cp311-win32.pyd binaries the 4.py files are trivia...

Malicious code in ml2000 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 871b57a598bf1230a64fa6ee85d442eb30f21915176835801871dc46c59cedf6 On invoking the ml2000 CLI with no arguments, interactivemenu in src/mllabs/generator.py writes a batch file and launches it via...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handles SIGKILL by flushing work and exiting. Instead of lingering until the device is closed, this resolves the issue by handling SIGKILL as follows: 1. Marking the worker as killed, so we no longer attempt to use it...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: NFC: NULLed the dev-rfkill to prevent UAF The commit 3e3b5dfcd16a “NFC: reordered the logic in nfcun,registerdevice” assumes that the deviceisregistered function in the nfcdevup function will help to check when the rfkill is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/sched: Fixed the leak caused by referencing the fence’s reference count. The lastscheduledfence variable leaks when an entity is being terminated, and the cleanup callback fails. The reference count of prev should be...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021557)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021557 advisory. In the Linux kernel, the following vulnerability has been resolved: kprobes: Fix check for probe enabled in killkprobe In killkprobe, the check whether...