[SECURITY] Fedora 42 Update: libcgif-0.5.3-1.fc42

A fast and lightweight GIF encoder that can create GIF animations and images. Summary of the main features: - user-defined global or local color-palette with up to 256 colors limit of the GIF format - size-optimizations for GIF animations: - option to set a pixel to transparent if it has identica...

Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads

A packaging error in Anthropic’s Claude Code npm release briefly exposed internal source code. This entry examines how threat actors rapidly weaponized the resulting attention, pivoting an existing AI-themed campaign to spread Vidar and GhostSocks...

Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads

A packaging error in Anthropic’s Claude Code npm release briefly exposed internal source code. This entry examines how threat actors rapidly weaponized the resulting attention, pivoting an existing AI-themed campaign to spread Vidar and GhostSocks...

Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms

Anthropic on Tuesday confirmed that internal code for its popular artificial intelligence AI coding assistant, Claude Code, had been inadvertently released due to a human error. "No sensitive customer data or credentials were involved or exposed," an Anthropic spokesperson said in a statement...

HCL Aftermarket DPC Hardcoding Vulnerability

HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from a hard-coded vulnerability that originates from hard-coded sensitive data, which can be exploited by an attacker to gain access to source code or retrieve these...

[SECURITY] Fedora 44 Update: python-pycparser-2.22-8.fc44

pycparser is a complete parser for the C language, written in pure Python. It is a module designed to be easily integrated into applications that need to parse C source code...

penclaw

🦀 PenClaw AI-powered penetration testing CLI. One command...

CVE-2025-55263

HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or if it is stored in insecure repositories, they can easily retrieve these hardcoded secrets...

EUVD-2025-209083

HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or if it is stored in insecure repositories, they can easily retrieve these hardcoded secrets...

CVE-2025-55263

HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or if it is stored in insecure repositories, they can easily retrieve these hardcoded secrets...

CVE-2025-55263

HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or if it is stored in insecure repositories, they can easily retrieve these hardcoded secrets...

CVE-2025-55263 HCL Aftermarket DPC is affected by Hardcoded Sensitive Data

HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or if it is stored in insecure repositories, they can easily retrieve these hardcoded secrets...

CVE-2025-55263 HCL Aftermarket DPC is affected by Hardcoded Sensitive Data

HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or if it is stored in insecure repositories, they can easily retrieve these hardcoded secrets...

CVE-2025-55263

Technical details (affected components, versions, exploit methods, or remediation) are not publicly provided in the supplied documents. Monitor for updates as information may be added later.

TOR Virtual Network Tunneling Tool 0.4.9.6

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow...

PT-2026-28288

Name of the Vulnerable Software and Affected Versions HCL Aftermarket DPC affected versions not specified Description The software contains hardcoded sensitive data, potentially allowing an attacker to gain access to the source code. If the source code is stored in insecure repositories, the...

CVE-2026-4743 Null-Pointer Dereference Vulnerability in taurusxin/ncmdump

NULL Pointer Dereference vulnerability in taurusxin ncmdump ‎src/utils‎ modules. This vulnerability is associated with program files cJSON.Cpp‎. This issue affects ncmdump: before 1.4.0...

Hacker Group LAPSUS$ Claims Alleged AstraZeneca Data Breach

LAPSUS$ claims it breached AstraZeneca, offering alleged source code, credentials, cloud configs, and employee data for sale in leaked samples...

Wazuh 4.14.4

Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...

EUVD-2016-10813

ZKTeco ZKBioSecurity 3.0 contains a file path manipulation vulnerability that allows attackers to access arbitrary files by modifying file paths used to retrieve local resources. Attackers can manipulate path parameters to bypass access controls and retrieve sensitive information including...