85 matches found
Malicious code in @onerjs/procedural-textures (npm)
Source: amazon-inspector 0986739ab06b1514203d94938604b093b9ddfa2126a452ae0cc92795123a153a Package is published as @onerjs/procedural-textures but its metadata identifies it as the Babylon.js Procedural Textures Library: package.json declar...
MAL-2026-4412 Malicious code in @onerjs/procedural-textures (npm)
Source: amazon-inspector 0986739ab06b1514203d94938604b093b9ddfa2126a452ae0cc92795123a153a Package is published as @onerjs/procedural-textures but its metadata identifies it as the Babylon.js Procedural Textures Library: package.json declar...
Code-Centric Detection of Vulnerability-Fixing Commits: A Unified Benchmark and Empirical Study
Automated detection of vulnerability-fixing commits (VFCs) is critical for timely security patch deployment, as advisory databases lag patch releases by a median of 25 days and many fixes never receive advisories. We present a comprehensive evaluation of code language model based VFC detection...
[SECURITY] Fedora 42 Update: rust-time-macros-0.2.27-1.fc42
Procedural macros for the time crate...
[SECURITY] Fedora 43 Update: rust-time-macros-0.2.27-1.fc43
Procedural macros for the time crate...
EUVD-2012-2640
Malware in sbrugna...
EUVD-2014-0154
Malware in sbrugna...
EUVD-2011-2137
Malware in sbrugna...
EUVD-2022-6662
Malicious code in bioql PyPI...
LegalSim: Multi-Agent Simulation of Legal Systems for Discovering Procedural Exploits
We present LegalSim, a modular multi-agent simulation of adversarial legal proceedings that explores how AI systems can exploit procedural weaknesses in codified rules. Plaintiff and defendant agents choose from a constrained action space for example, discovery requests, motions, meet-and-confer,...
MAVUL: Multi-Agent Vulnerability Detection Via Contextual Reasoning and Interactive Refinement
The widespread adoption of open-source software (OSS) necessitates the mitigation of vulnerability risks. Most vulnerability detection (VD) methods are limited by inadequate contextual understanding, restrictive single-round interactions, and coarse-grained evaluations, resulting in undesired model...
curl: on the implications of permitting procedural culling
Good day. My name is Lorentso Youriévitch Bogdanov. It has come to my attention that you are in need of higher-quality code review. Rest assured that you are not alone in noticing a certain degree of brain-drain in this field. As you can perhaps imagine, the recent shortage of qualified hackers a...
WhatsApp Case Against NSO Group Progressing
Meta is suing NSO Group, basically claiming that the latter hacks WhatsApp and not just WhatsApp users. We have a procedural ruling: Under the order, NSO Group is prohibited from presenting evidence about its customers' identities, implying the targeted WhatsApp users are suspected or actual...
The Digital Cybersecurity Expert: How Far Have We Come?
The increasing deployment of large language models (LLMs) in the cybersecurity domain underscores the need for effective model selection and evaluation. However, traditional evaluation methods often overlook specific cybersecurity knowledge gaps that contribute to performance limitations. To addres...
OESA-2024-1811 rust security update
Rust is a systems programming language focused on three goals: safety, speed, and concurrency. It maintains these goals without having a garbage collector, making it a useful language for a number of use cases other languages are not good at: embedding in other languages, programs with specific spac...
Fedora: Security Advisory (FEDORA-2024-60627905b6)
The remote host is missing an update for the...
[SECURITY] Fedora 40 Update: libdwarf-0.9.2-1.fc40
Library to access the DWARF debugging file format which supports source level debugging of a number of procedural languages, such as C, C++, and Fortran. Please see http://www.dwarfstd.org for DWARF specification...
Medium: rust
Issue Overview: Cargo downloads a Rust project's dependencies and compiles the project. Starting in Rust 1.60.0 and prior to 1.72, Cargo did not escape Cargo feature names when including them in the report generated by cargo build --timings. A malicious package included as a dependency may inject...
Vulnerabilities fixed in Oracle Database Server
Vulnerabilities have been fixed in Oracle Database Server products. A malicious party can exploit the vulnerabilities to perform attacks that can result in the following categories of damage: Denial-of-Service (DoS); manipulation of data; bypassing authentication; bypassing security measure. Oracle has...
Oracle Database Server Security Vulnerability
Oracle Database Server is a relational database management system from Oracle of the United States. The database management system provides data management, distributed processing, and other functions. A security vulnerability in the PL/SQL component of Oracle Database Server, versions...