
80 matches found

OSV
added 2026/05/20 6:43 a.m. | 6 views

MAL-2026-4198 Malicious code in terminal-logger-utils (npm)

terminal-logger-utils is a malicious npm package that, when installed, executes a postinstall hook that opens utils.cjs, an obfuscated malware dropper. The dropper checks the current system, downloads a platform-specific second-stage binary from Hugging Face, and executes it. The second-stage paylo...

AI score 5.9
Exploits: 0 | References: 3
OSV
added 2026/03/13 8:5 p.m. | 1 view

GHSA-4524-CJ9J-G4FJ OneUptime: Password Reset Token Logged at INFO Level

Summary: The password reset flow logs the complete password reset URL — containing the plaintext reset token — at INFO log level, which is enabled by default in production. Anyone with access to application logs (log aggregation, Docker logs, Kubernetes pod logs) can intercept reset tokens and perfo...

CVSS 6.9 | AI score 5.9 | EPSS 0.00039
Exploits: 1 | References: 4
Vulnrichment
added 2026/03/13 1:18 a.m. | 0 views

CVE-2026-22203 wpDiscuz before 7.6.47 - Options Export Leaks OAuth Secrets in Plaintext

wpDiscuz before 7.6.47 contains an information disclosure vulnerability that allows administrators to inadvertently expose OAuth secrets by exporting plugin options as JSON. Attackers can obtain exported files containing plaintext API secrets like fbAppSecret, googleClientSecret, twitterAppSecret...

CVSS 6.9 | AI score 5.8 | EPSS 0.00051
Exploits: 0 | References: 3
OSV
added 2026/03/12 7:14 p.m. | 0 views

CVE-2026-32248 Parse Server: Account takeover via operator injection in authentication data identifier

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.12 and 8.6.38, an unauthenticated attacker can take over any user account that was created with an authentication provider that does not validate the format of the user...

CVSS 9.3 | AI score 5.8 | EPSS 0.001
Exploits: 0 | References: 5
Veracode
added 2026/02/09 8:55 a.m. | 3 views

Cross-site Scripting

Apache Syncope Enduser is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient sanitization of user-controlled input on the Enduser Login page, allowing attackers to inject malicious scripts via crafted links, which can execute in the victim’s browser and potentially...

CVSS 6.8 | AI score 5.6 | EPSS 0.00038
Exploits: 0 | References: 4 | Affected Software: 1
Cvelist
added 2026/01/09 11:5 a.m. | 26 views

CVE-2026-22080 Insecure Transmission Vulnerability in Tenda Wireless Routers

This vulnerability exists in Tenda wireless routers (300Mbps Wireless Router F3 and N300 Easy Setup Router) due to the transmission of credentials encoded using reversible Base64 encoding through the web-based administrative interface. An attacker on the same network could exploit this vulnerabilit...

CVSS 8.7 | EPSS 0.00021
Exploits: 0 | References: 1
Snyk
added 2025/12/02 6:40 a.m. | 0 views

Session Fixation

Overview: Products.PluggableAuthService is a Pluggable Zope authentication / authorization framework. Affected versions of this package are vulnerable to Session Fixation. The session authentication helper fails to clear session...

CVSS 9.3 | AI score 7
Exploits: 0 | References: 3
The Hacker News
added 2025/11/07 10:30 a.m. | 5 views

Enterprise Credentials at Risk – Same Old, Same Old?

Imagine this: Sarah from accounting gets what looks like a routine password reset email from your organization’s cloud provider. She clicks the link, types in her credentials, and goes back to her spreadsheet. But unknown to her, she’s just made a big mistake. Sarah just accidentally handed over...

AI score 6.9
Exploits: 0
HackRead
added 2025/10/08 9:16 a.m. | 3 views

New Shuyal Stealer Targets 17 Web Browsers for Login Data and Discord Tokens

Researchers warn of Shuyal Stealer, malware that gathers browser logins, system details, and Discord tokens, then erases evidence via Telegram...

AI score 7
Exploits: 0
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2005-1058

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.01075
Exploits: 0 | References: 6
EUVD
added 2025/10/07 12:30 a.m. | 0 views

EUVD-2018-16938

Malware in sbrugna...

CVSS 6.5 | AI score 7.8 | EPSS 0.00457
Exploits: 0 | References: 10
EUVD
added 2025/10/03 8:7 p.m. | 0 views

EUVD-2022-2068

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 8.4 | EPSS 0.00113
Exploits: 0 | References: 5
EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2025-30389

Malicious code in bioql PyPI...

CVSS 6.3 | AI score 4.8 | EPSS 0.00022
Exploits: 0 | References: 6
CVE
added 2025/09/22 1:32 a.m. | 11 views

CVE-2025-10776

CVE-2025-10776 affects LionCoders SalePro POS up to version 5.5.0 (and prior) with a vulnerability in the Login component that leads to cleartext transmission of sensitive information. The issue can be exploited remotely and is described as high complexity with difficult exploitability. Public ex...

CVSS 6.3 | AI score 4.6 | EPSS 0.00022
Exploits: 0 | References: 5
Tenable Nessus
added 2025/08/27 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-46801

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Pgpool-II provided by PgPool Global Development Group contains an authentication bypass by primary weakness vulnerability. If the vulnerability is exploited, an...

CVSS 9.8 | AI score 7.4 | EPSS 0.00125
Exploits: 0 | References: 2
HackRead
added 2025/08/17 11:12 p.m. | 5 views

Threat Actor Claims to Sell 15.8 Million Plain-Text PayPal Credentials

A seller named ChuckyBF is offering 15.8M PayPal logins with emails, passwords, and URLs. The data may come…...

AI score 7.3
Exploits: 0
HackRead
added 2025/08/14 5:24 p.m. | 2 views

Netflix Job Phishing Scam Steals Facebook Login Data

Beware of fake Netflix job offers! A new phishing campaign is targeting job seekers, using fraudulent interviews to…...

AI score 7.4
Exploits: 0
RedhatCVE
added 2025/05/23 3:2 a.m. | 1 view

CVE-2023-1897

Atlas Copco Power Focus 6000 web server does not sanitize the login information stored by the authenticated user’s browser, which could allow an attacker with access to the user’s computer to gain credential information of the controller...

CVSS 9.4 | AI score 6.6 | EPSS 0.00051
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 11:22 p.m. | 1 view

CVE-2022-45611

An issue was discovered in Fresenius Kabi PharmaHelp 5.1.759.0 that allows attackers to gain escalated privileges via capture of user login information...

CVSS 9.8 | AI score 7.2 | EPSS 0.00202
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 8:53 p.m. | 2 views

CVE-2021-37036

There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280TD V100R005C00 and V100R005C10. Due to the improper storage of specific information in the log file, the attacker can obtain the information when a user logs in to the device. Successful exploit may cause the informati...

CVSS 5.5 | AI score 6.1 | EPSS 0.00028
Exploits: 0 | References: 1