MAL-2025-57589 Malicious code in maya-peyek24-sukiwir (npm)
Source: amazon-inspector 4b3e62dba89557f1f12f6b7d770b11a363d9c04132bc9f8f3478f3475fbf3929 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-55211 Malicious code in andi-tumis33-sukiwir (npm)
Source: amazon-inspector ef469c1914b445a02d05ce933efd96f062a16bf9b52f9a93dfd98ad277f0939e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-58383 Malicious code in riana-gembus66-sukiwir (npm)
Source: amazon-inspector cc7a1af8b03d6f8b902aace40b543963bd64d269bf8dd3256059333678bdc72c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Securing our future: November 2025 progress report on Microsoft’s Secure Future Initiative
When we launched the Secure Future Initiative (SFI), our mission was clear: accelerate innovation, strengthen resilience, and lead the industry toward a safer digital future. Today, we’re sharing our latest progress report that reflects steady progress in every area and engineering pillar,...
MAL-2025-54752 Malicious code in rudi-lontong87-ruro (npm)
Source: amazon-inspector 0805bedf2fb70e1ea8cc536ff5162c1cd022b32bb2380ecfc51ac004bac27737 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-51986 Malicious code in gita-lapis14-breki (npm)
Source: amazon-inspector 72dd608bc88cf762e6648776ba45ad89d2c3be82a38ef2f5ceb5559e74536388 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-53089 Malicious code in kiki-kue4-pore (npm)
Source: amazon-inspector 409f70cd7ee038155945ea4fbbdc7a483733de2c02424831f660e1db4087543d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in galih-empal30-riris (npm)
Source: amazon-inspector f6464a4917db4e9bcd559b0cb0ddde49f6cac50737dfad98eb57946747dd90a2 The package galih-empal30-riris was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that floode...
MAL-2025-51256 Malicious code in cici-buburayam45-ruro (npm)
Source: amazon-inspector 7b50a259e5c5bca0c84e8a8e972109cb6ed324b674600137aa89cfe373b6692b The package cici-buburayam45-ruro was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that...
Malicious code in gilang-keripik95-ruro (npm)
Source: amazon-inspector 582953e4345eb480aaffc0cfa8d51c907b0fc155738dc0a41db1af2db8636a35 The package gilang-keripik95-ruro was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that...
MAL-2025-50147 Malicious code in citra-lodeh15-riris (npm)
Source: amazon-inspector bb41fd3ee5cc4b0067d1a1ad9204a524daf98d1cf34c7f9efd7f88d2b0fa6cbf The package citra-lodeh15-riris was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that floode...
[SECURITY] Fedora 43 Update: bpfman-0.5.4-3.fc43
bpfman operates as an eBPF manager, focusing on simplifying the deployment and administration of eBPF programs...
The 7 Best Continuous Threat Exposure Management Tools
If your security team is drowning in a sea of "critical" alerts from your vulnerability scanner, you know the feeling of being busy without being effective. You spend all your time triaging and patching, but you never feel like you're actually ahead of the attackers. This is the core problem that...
EUVD-2025-38115
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThimPress LearnPress Export Import learnpress-import-export allows PHP Local File Inclusion. This issue affects LearnPress Export Import: from n/a through = 4.0.9...
CVE-2025-48290
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in bslthemes Kinsley kinsley allows PHP Local File Inclusion. This issue affects Kinsley: from n/a through = 3.4.4...
Hybrid Fuzzing with LLM-Guided Input Mutation and Semantic Feedback
Software fuzzing has become a cornerstone in automated vulnerability discovery, yet existing mutation strategies often lack semantic awareness, leading to redundant test cases and slow exploration of deep program states. In this work, I present a hybrid fuzzing framework that integrates static an...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989480)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989480 advisory. In the Linux kernel, the following vulnerability has been resolved: ice: avoid bpf_prog refcount underflow. Ice driver has the routines for managing XDP resources that...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988805)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988805 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Track subprog poke descriptors correctly and fix use-after-free. Subprograms are calling...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989490)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989490 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, testrun: Fix alignment problem in bpf_prog_test_run_skb. We got a syzkaller problem because of...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: BPF: Disabling migration in nf_hook_run_bpf. Syzbot reported that the netfilter BPF program can be called without disabling migration in the xmit path. Then, the assertion in bpf_prog_run fails, triggering a crash below. 0 Let’s use...