5 matches found
Malicious code in auth-state-service (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fc857733e3c372868625f57425574859c653eb8ac16c97171aa9e929de13ca6 On require'auth-state-service', the package loads lib/writer.js, which at top level attempts require'ssr-auth-sync' and on failure shells out via...
MAL-2026-6655 Malicious code in auth-state-service (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fc857733e3c372868625f57425574859c653eb8ac16c97171aa9e929de13ca6 On require'auth-state-service', the package loads lib/writer.js, which at top level attempts require'ssr-auth-sync' and on failure shells out via...
CVE-2025-66524 Apache NiFi: Deserialization of Untrusted Data in GetAsanaObject Processor
Apache NiFi 1.20.0 through 2.6.0 include the GetAsanaObject Processor, which requires integration with a configurable Distribute Map Cache Client Service for storing and retrieving state information. The GetAsanaObject Processor used generic Java Object serialization and deserialization without...
Perry: a High-Level Framework for Accelerating Cyber Deception Experimentation
Cyber deception aims to distract, delay, and detect network attackers with fake assets such as honeypots, decoy credentials, or decoy files. However, today, it is difficult for operators to experiment, explore, and evaluate deception approaches. Existing tools and platforms have non-portable and...
Ukrainian Radio Stations Hacked to Broadcast Fake News About Zelenskyy's Health
Ukrainian radio operator TAVR Media on Thursday became the latest victim of a cyberattack, resulting in the broadcast of a fake message that President Volodymyr Zelenskyy was seriously ill. "Cybercriminals spread information that the President of Ukraine, Volodymyr Zelenskyy, is allegedly in...