CERTFR-2026-ACT-004

creationtimestamp| type| source ---|---|--- 2026-01-26 14:47:11+00:00| seen| https://bsky.app/profile/cert-fr.bsky.social/post/3mddiej3zy226 2026-01-26 14:47:12+00:00| seen| https://social.numerique.gouv.fr/users/certfr/statuses/115961943162528773 2026-01-26 16:02:17+00:00| seen|...

Malicious Package

Overview radial-chart is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview xo-styles is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

Malicious Package

Overview polyfill-regenerator is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVE-2025-20240

creationtimestamp| type| source ---|---|--- 2025-09-25 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1645 2025-09-25 11:38:17+00:00| exploited| https://t.me/truesecator/7459 2025-09-26 08:27:34+00:00| seen|...

GHSA-JCRP-X7W3-FFMG Deep Java Library path traversal issue

Summary Deep Java Library DJL is an open-source, high-level, engine-agnostic Java framework for deep learning. DJL is designed to be easy to get started with and simple to use for Java developers. DJL provides a native Java development experience and functions like any other regular Java library...

Deep Java Library path traversal issue

Summary Deep Java Library DJL is an open-source, high-level, engine-agnostic Java framework for deep learning. DJL is designed to be easy to get started with and simple to use for Java developers. DJL provides a native Java development experience and functions like any other regular Java library...

PT-2025-4075

Name of the Vulnerable Software and Affected Versions Deep Java Library DJL versions 0.1.0 through 0.31.0 Description A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library DJL on all platforms allows a bad actor to write files to arbitrary locations. This issue exists d...

CVE-2024-38203

creationtimestamp| type| source ---|---|--- 2024-11-12 17:55:50+00:00| seen| https://infosec.exchange/users/cve/statuses/113471268438576919 2024-11-12 18:26:35+00:00| seen| https://www.thezdi.com/blog/2024/11/12/the-november-2024-security-update-review...

PT-2024-20011 · Unknown · Online-Ausweis-Funktion Eid

Name of the Vulnerable Software and Affected Versions: Online-Ausweis-Funktion eID scheme in the German National Identity card through 2024-02-15 Description: The issue allows authentication bypass by spoofing, enabling a man-in-the-middle attacker to assume a victim's identity and access...

ChromeLoader Malware Targeting Gamers via Fake Nintendo and Steam Game Hacks

A new ChromeLoader malware campaign has been observed being distributed via virtual hard disk VHD files, marking a deviation from the ISO optical disc image format. "These VHD files are being distributed with filenames that make them appear like either hacks or cracks for Nintendo and Steam games...

Google Pixel 数字错误漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a numeric error vulnerability. No information about this vulnerability is available at this time, so stay tuned to CNNVD or the manufacturer's announcement...

“Chemical attack” email warnings deliver Jester Stealer malware

Jester Stealer, a malicious file capable of large amounts of data theft, is on the prowl again. The Ukrainian Computer Emergency Response Team CERT-UA has warned of a large distribution campaign abusing a "chemical attack" theme. Receiving an email like this in the invasion-affected regions of...