Metasploit Wrap-Up 10/24/2025

Let us suggest persistence… This week's edition brings the new persistence suggester from h00die. Similar to the exploit variant, this module will list the available persistence mechanisms for your selected target. The module requires a session to target the machine, so it can run check methods...

GHSA-JFX9-29X2-RV3J pypdf can exhaust RAM via manipulated LZWDecode streams

Impact An attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream of a page using the LZWDecode filter. Patches This has been fixed in pypdf==6.1.3. Workarounds If you cannot upgrade yet, consider applying the changes from P...

A Retrospective Survey of 2024/2025 Open Source Supply Chain Compromises

Lack of memory safety is such a predominant cause of security issues that we have a responsibility as professional software engineering to robustly mitigate it in security-sensitive use cases—by using memory safe languages. Similarly, I have the growing impression that software supply chain...

EUVD-2021-19580

Malware in sbrugna...

EUVD-2021-18778

Malware in sbrugna...

EUVD-2022-6338

Malicious code in bioql PyPI...

EUVD-2023-0443

Malicious code in bioql PyPI...

EUVD-2023-27852

Malicious code in bioql PyPI...

EUVD-2022-3278

Malicious code in bioql PyPI...

EUVD-2025-20825

Malicious code in bioql PyPI...

EUVD-2022-45037

Malicious code in bioql PyPI...

EUVD-2023-27851

Malicious code in bioql PyPI...

EUVD-2021-9998

Malicious code in bioql PyPI...

EUVD-2024-42300

Malicious code in bioql PyPI...

EUVD-2023-0268

Malicious code in bioql PyPI...

EUVD-2023-34931

Malicious code in bioql PyPI...

EUVD-2025-27053

Malicious code in bioql PyPI...

EUVD-2025-31664

Malicious code in bioql PyPI...

EUVD-2025-28133

Malicious code in bioql PyPI...

EUVD-2024-35854

Malicious code in bioql PyPI...