Putting CLIMATE into Practice: Building an Inventory Management Plan

...

PT-2025-35169

Name of the Vulnerable Software and Affected Versions: coze-studio versions up to 0.2.4 Description: A vulnerability exists due to the use of hard-coded cryptographic keys. The issue is located in an unknown function within the backend/domain/plugin/encrypt/aes.go file. Manipulation of the...

Malicious code in @epc-apps/api-management-plan (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dcba229feeeaecf4b840caf01dc046b860329625fbae49197bcdbb35289561d6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-233 Malicious code in @epc-apps/api-management-plan (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dcba229feeeaecf4b840caf01dc046b860329625fbae49197bcdbb35289561d6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Friday Squid Blogging: Peru and Chile Address Squid Overfishing

Peru and Chile have a new plan. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...

India Orders Security Certification for Government Websites After CBI Hack

India has mandated that all government ministries and departments secure their websites with proper certification. This directive follows the hacking of the Central Bureau of Investigation CBI website by a group calling themselves the "Pakistani Cyber Army." The National Informatics Centre has be...