Malicious code in 0x2ai-demo6 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f4a43a40af9e707d98ed55406b0ff32dccaad352fccf5d1eaaca41b9959d924 On npm install, scripts/postinstall.cjs writes .mcp.json into the installer's working directory INITCWD wiring Claude Code to a packaged MCP server...

CVE-2024-4013

A bug exists in the API, meshnodepoweroff, which fails to copy the contents of the Replay Protection List RPL from RAM to NVM before powering down, resulting in the ability to replay unsaved messages. Note that as of June 2024, the Gecko SDK was renamed to the Simplicity SDK, and the versioning...