MAL-2026-6277 Malicious code in search-from-search (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06e2e600c7cba50d7cc3cbff52a18f77e508ec66be3a50cd4960f84771598548 package.json registers node callback.js as both preinstall and postinstall, so the payload runs automatically on npm install. callback.js collects th...

CVE-2026-10852 IBM i is Affected By a Denial of Service in IBM WebSphere Application Server Liberty

IBM i 7.6, 7.5, 7.4, and 7.3, IBM WebSphere Application Server, and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component when an attacker can pass crafted requests to the web server...

EUVD-2026-38346

IBM i 7.6, 7.5, 7.4, and 7.3, IBM WebSphere Application Server, and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component when an attacker can pass crafted requests to the web server...

EUVD-2026-38288

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to bypass authentication and gain unauthorized access to JAX-WS applications...

CVE-2026-5366

Prefect version 3.6.23 is vulnerable to remote code execution due to improper handling of user-controlled input in the GitRepository storage class. The commitsha parameter, which is passed to git commands, lacks validation and does not include a -- separator to distinguish user input from git...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus – Track the decryption status in vmbusgpadl. In CoCo VMs, it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail, resulting in an error and the shared memory being...

Malicious code in ethereum-gas-reporter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7303c828115a527d477ea14684b3015e43fdcd36a7fa94041c16ccb3c2fbcfcc index.js line 144 contains require'chai-assert-kit' appended after the module's normal exports, with no other reference to chai-assert-kit anywhere i...

[SECURITY] Fedora 44 Update: xen-4.21.1-4.fc44

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

MAL-2026-5950 Malicious code in @mastra/hono (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1ed4177a8fb31809df36c88a8dddc4cd35e888cb1cebbc380e44c09acdd055f4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

ITScape

🛡️ ITScape - Test your systems for security gaps !https:/...

[SECURITY] Fedora 44 Update: chezmoi-2.70.5-1.fc44

Manage your dotfiles across multiple diverse machines, securely...

PT-2026-49095

Glances 4.5.5 is release ! https://preview.redd.it/nr4odffe827h1.png?width=1909&format=png&auto=webp&s=5d337a845f700576ab19a9becce3e49de1cd1391 Quick test with uvx: uvx -U glances Bugs corrected: /api/4/containers stays 4-5s with 60 Docker containers 3559 Crash when using --sparkline 3547 VMs...

MAL-2026-5699 Malicious code in chai-web3-testkit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ecc1472c1964a224051ad01d14dabfdfd3ca26d594fff02fb07192f423238691 The package advertises itself as a Web3.js testing toolkit but its content is copied from the legitimate chai-smart-assert library and a malicious...

MAL-2026-5687 Malicious code in ecto-flag-read-m7p2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 47c876fa0bc683b97fe06619068fb4b205e5813e95917d8cd6d9df7a732b1499 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

ethical-hacking-security-labs

Ethical Hacking & Network Security Lab Portfolio A hands-on...

Systems-and-Cyber-Security-Coursework

CSI6SCS2526 — Systems and Cyber Security Coursework Gr...

MAL-2026-5675 Malicious code in ioredis-orm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 15186d98f16a0cfdcb0cac8d616ea4afc4e6d1443be464ef1a140ab79a5d5d0a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5667 Malicious code in experian-analytics-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b17ea66ee9c256e21971184546b027011520942070236a348fe0da478b5ac66 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in theta-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bbfa69ed41fd4cfb88637f2f5765174105f8c4eb42d4f433fdd05d642e664fa9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in tailwindcss-animates-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 36f982d7c842137890d743938442fe409fd41a786fe5727bcd77277406b2a189 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...