
9 matches found

Packet Storm News
added 2025/06/21 12:0 a.m., 2 views

Detecting Hard-Coded Credentials in Software Repositories Via LLMs

Software developers frequently hard-code credentials such as passwords, generic secrets, private keys, and generic tokens in software repositories, even though it is strictly advised against due to the severe threat to the security of the software. These credentials create attack surfaces...

7.1 AI score
Exploits 0
The Hacker News
added 2023/12/05 10:14 a.m., 50 views

15,000 Go Module Repositories on GitHub Vulnerable to Repojacking Attack

New research has found that over 15,000 Go module repositories on GitHub are vulnerable to an attack called repojacking. "More than 9,000 repositories are vulnerable to repojacking due to GitHub username changes," Jacob Baines, chief technology officer at VulnCheck, said in a report shared with T...

7.1 AI score
Exploits 0
OSSF Malicious Packages
added 2023/02/25 4:54 p.m., 2 views

Malicious code in tpreplacecraft (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx b2ffed07322180c46d70d42663985ad8fdc81c9dee946ac5cd15c4744d329cf0 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

7 AI score
Exploits 0, References 1
The Hacker News
added 2023/02/23 12:32 p.m., 35 views

The Secret Vulnerability Finance Execs are Missing

The Other Risk in Finance A few years ago, a Washington-based real estate developer received a document link from First American – a financial services company in the real estate industry – relating to a deal he was working on. Everything about the document was perfectly fine and normal. The odd...

7 AI score
Exploits 0
The Hacker News
added 2021/07/30 8:18 a.m., 103 views

Several Malicious Typosquatted Python Libraries Found On PyPI Repository

As many as eight Python packages that were downloaded more than 30,000 times have been removed from the PyPI portal for containing malicious code, once again highlighting how software package repositories are evolving into a popular target for supply chain attacks. "Lack of moderation and automat...

8.1 AI score
Exploits 0
Fedora
added 2016/08/16 7:30 p.m., 33 views

[SECURITY] Fedora 24 Update: pulp-2.8.6-1.fc24

Pulp provides replication, access, and accounting for software repositories...

7.5 CVSS, 6.8 AI score, 0.01942 EPSS
Exploits 0
Fedora
added 2016/05/24 6:11 p.m., 33 views

[SECURITY] Fedora 24 Update: pulp-2.8.3-1.fc24

Pulp provides replication, access, and accounting for software repositories...

5.5 CVSS, 2.9 AI score, 0.00393 EPSS
Exploits 0
OpenVAS
added 2009/04/09 12:0 a.m., 9 views

Mandriva Update for mdkonline MDVA-2008:201 (mdkonline)

Check for the Version of mdkonline OpenVAS Vulnerability Test Mandriva Update for mdkonline MDVA-2008:201 mdkonline Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

7.4 AI score
Exploits 0, References 2
Friends Of PHP
added 1970/01/01 12:0 a.m., 10 views

Prevent installation typosquatting malware

More info at https://www.kernelmode.blog/typosquatting-malware-found-in-composer-repository/...

7.2 AI score
Exploits 0, Affected Software 1