369 matches found
Breaking things to keep them safe with Philippe Laulheret
In the latest Humans of Talos, Amy sits down with Senior Vulnerability Researcher Philippe Laulheret to demystify the world of ethical hacking. Philippe shares his unique journey from French engineering school to the front lines of cybersecurity, explaining how his lifelong love for solving puzzl...
MAL-2026-2794 Malicious code in puzzle-fragment (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad106eae22a8aa21a17cd44167776eebe2a94c245f6e224ba0d52312d8dd229c The package puzzle-fragment was found to contain malicious code...
Malicious code in puzzle-fragment (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad106eae22a8aa21a17cd44167776eebe2a94c245f6e224ba0d52312d8dd229c The package puzzle-fragment was found to contain malicious code...
Exploit for Use After Free in Redis
CVE-2025-49844 RediShell AI-made Revshell PoC Untested comple...
Malicious code in puzzle-render-kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5c63be86e7f93cd0f5f6663aa57978a4c6ff6b497ef1aafcddcdbea71e25fa02 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-2097 Malicious code in puzzle-render-kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5c63be86e7f93cd0f5f6663aa57978a4c6ff6b497ef1aafcddcdbea71e25fa02 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview puzzle-asset is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in puzzle-asset (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa20758e3fc1eaf5b167758e00f73f4f8cead459061a4971f7358e8aa7f436b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview puzzle-render-kit is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-2096 Malicious code in puzzle-asset (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa20758e3fc1eaf5b167758e00f73f4f8cead459061a4971f7358e8aa7f436b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in puzzle-gateway (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f27caad6b59388e38056a6d8624f8f7b19441cee52bd007d0e1b3678e36dd240 The package puzzle-gateway was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-1996 Malicious code in puzzle-gateway (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f27caad6b59388e38056a6d8624f8f7b19441cee52bd007d0e1b3678e36dd240 The package puzzle-gateway was found to contain malicious code. Source: ossf-package-analysis...
apache-gravitino (>=1.2.0 <=1.2.1rc2), cloudquery-plugin-sdk (=0.1.52) +12 more potentially affected by CVE-2026-32274 via black (>=26.1.0 <=26.3.0)
black PYPI version =26.1.0, =1.2.0, =0.4.0, =2.189.0, =0.12.0, =0.7.4, =0.8.0, =0.1.8, =2.54.8, =0.17.1, =1.2.1, =0.1.2, =0.1.0, =0.1.5 Source cves: CVE-2026-32274 Source advisory: SNYK:PYTHON-BLACK-15518063...
CVE-2025-7347 IDOR in Dinibh Puzzle's Dinibh Patrol Tracking System
Authorization Bypass Through User-Controlled Key vulnerability in Dinibh Puzzle Software Solutions Dinibh Patrol Tracking System allows Exploitation of Trusted Identifiers.This issue affects Dinibh Patrol Tracking System: through 10022026. NOTE: The vendor was contacted early about this disclosur...
Fedora: Security Advisory (FEDORA-2025-5c7374bfdb)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-52751
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in colome Slide Puzzle slide-puzzle allows Reflected XSS.This issue affects Slide Puzzle: from n/a through = 1.0.0...
EUVD-2025-35484
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in colome Slide Puzzle slide-puzzle allows Reflected XSS.This issue affects Slide Puzzle: from n/a through = 1.0.0...
CVE-2025-52751
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in colome Slide Puzzle slide-puzzle allows Reflected XSS.This issue affects Slide Puzzle: from n/a through = 1.0.0...
CVE-2025-52751
CVE-2025-52751 affects the WordPress Slide Puzzle plugin (versions ≤ 1.0.0). The issue is a Reflected XSS caused by improper input neutralization during web page generation in the slide-puzzle component. Exploitation could allow an attacker to inject and execute scripts in a victim’s browser when...
CVE-2025-52751 WordPress Slide Puzzle plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in colome Slide Puzzle slide-puzzle allows Reflected XSS.This issue affects Slide Puzzle: from n/a through = 1.0.0...