CVE-2025-64756

Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c are...

Malicious code in library-volcanology-magnetosphere-foundation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 708f64ae257d4aca048c20cf895d70f55011231980d876ebe03f4b405952b3a6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

[SECURITY] Fedora 42 Update: qt5-qtxmlpatterns-5.15.18-1.fc42

The Qt XML Patterns module provides support for XPath, XQuery, XSLT, and XML Schema validation...

GO-2025-4004 Canonical LXD Arbitrary File Read via Template Injection in Snapshot Patterns in github.com/lxc/lxd

Canonical LXD Arbitrary File Read via Template Injection in Snapshot Patterns in github.com/lxc/lxd...

AI Pulse: How Big Tech Impacts AI Bot Traffic

...

AWS Bedrock Prompt Caching Support in Spring AI

In our previous blog post about Anthropic prompt caching, we explored how prompt caching dramatically reduces API costs and latency by reusing previously processed prompt content. We introduced Spring AI's five strategic caching patterns for Anthropic Claude models and showed how they automatical...

Unvalidated Trust: Cross-Stage Vulnerabilities in Large Language Model Architectures

As Large Language Models LLMs are increasingly integrated into automated, multi-stage pipelines, risk patterns that arise from unvalidated trust between processing stages become a practical concern. This paper presents a mechanism-centered taxonomy of 41 recurring risk patterns in commercial LLMs...

CVE-2025-61581

CVE-2025-61581 describes an Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control affecting all versions. The description states that users with access to the Traffic Router management interface could supply malicious patterns, potentially causing unavailability. The p...

Pattern Enhanced Multi-Turn Jailbreaking: Exploiting Structural Vulnerabilities in Large Language Models

Large language models LLMs remain vulnerable to multi-turn jailbreaking attacks that exploit conversational context to bypass safety constraints gradually. These attacks target different harm categories like malware generation, harassment, or fraud through distinct conversational approaches...

New Microsoft Secure Future Initiative (SFI) patterns and practices: Practical guides to strengthen security

Building on the momentum of our initial launch of the Microsoft Secure Future Initiative SFI patterns and practices, this second installment continues our commitment to making security implementation practical and scalable. The first release introduced a foundational library of actionable guidanc...

EUVD-2015-8266

Malware in sbrugna...

EUVD-2006-4646

Malware in sbrugna...

EUVD-2007-1653

Malware in sbrugna...

EUVD-2007-1655

Malware in sbrugna...

EUVD-2019-4874

Malware in sbrugna...

EUVD-2019-10992

Malware in sbrugna...

EUVD-2016-2475

Malware in sbrugna...

EUVD-2019-7749

Malware in sbrugna...

EUVD-2015-3412

Malware in sbrugna...

EUVD-2018-0549

Malware in sbrugna...