Systematic Cybersecurity Risk Analysis of European Rail Traffic Management System

European Rail Traffic Management System ERTMS is a widely adopted standard unifying train management in the EU. While the standard allows for use cases like fully autonomous driving, cybersecurity has been an afterthought. Risk analysis enables the systematic assessment and prioritization of...

Malicious code in local-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4649a6cac828460ea4a3e6d867038eaa507f109eb6a46de9eef1fc340d867608 The package executes lifecycle and import-time code that fetches executables and posts host data to off-publisher infrastructure. download.js line 92...

MAL-2026-4601 Malicious code in local-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4649a6cac828460ea4a3e6d867038eaa507f109eb6a46de9eef1fc340d867608 The package executes lifecycle and import-time code that fetches executables and posts host data to off-publisher infrastructure. download.js line 92...

Cursor AI Agent Wipes PocketOS Database and Backups in 9 Seconds

PocketOS founder says Cursor AI agent deleted its production database in 9 seconds after misusing a root API token, exposing major Railway security flaws...

Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse

Cybersecurity researchers are calling attention to an active device code phishing campaign that's targeting Microsoft 365 identities across more than 340 organizations in the U.S., Canada, Australia, New Zealand, and Germany. The activity, per Huntress, was first spotted on February 19, 2026, wit...

CVE-2022-33058

Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deletemessage...

CVE-2022-33049

Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/?page=user/manageuser...

CVE-2022-33055

Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/trains/managetrain.php...

CVE-2022-33059

Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deletetrain...

CVE-2022-33060

Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deleteschedule...

CVE-2022-33042

Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/inquiries/viewdetails.php...

EUVD-2014-5724

Malware in sbrugna...

EUVD-2023-52733

Malicious code in bioql PyPI...

EUVD-2024-49842

Malicious code in bioql PyPI...

EUVD-2023-52731

Malicious code in bioql PyPI...

EUVD-2022-36116

Malicious code in bioql PyPI...

EUVD-2022-36106

Malicious code in bioql PyPI...

EUVD-2022-36115

Malicious code in bioql PyPI...

EUVD-2022-36099

Malicious code in bioql PyPI...

EUVD-2024-48669

Malicious code in bioql PyPI...