The End of Trust: How Agentic AI Breaks Security Assumptions

For decades, the security of digital interaction has rested on an unacknowledged economic constraint. Attackers faced a tradeoff between the fidelity of a deception and the scale at which it could be deployed. Convincing impersonation required sustained human effort and was confined to a narrow s...

MAL-2026-2213 Malicious code in @virtahealth/substrate-root (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8348bbc19210fd9962510b31c4e08572ba739767bd183a4c867071a9a5f9d18 The package @virtahealth/substrate-root was found to contain malicious code. Source: google-open-source-security...

CSTS: A Canonical Security Telemetry Substrate for AI-Native Cyber Detection

AI-driven cybersecurity systems often fail under cross-environment deployment due to fragmented, event-centric telemetry representations. We introduce the Canonical Security Telemetry Substrate CSTS, an entity-relational abstraction that enforces identity persistence, typed relationships, and...

MAL-2026-1894 Malicious code in async-substrate-interface-sub (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in async-substrate-interface-sub (PyPI)

--- -= Per source details. Do not edit below this line.=-...

CVE-2021-41138

Frontier is Substrate's Ethereum compatibility layer. In the newly introduced signed Frontier-specific extrinsic for pallet-ethereum, a large part of transaction validation logic was only called in transaction pool validation, but not in block execution. Malicious validators can take advantage of...

EUVD-2026-0930

Malicious code in async-substrate-interface-upgrade PyPI...

EUVD-2001-0494

Malware in sbrugna...

EUVD-2023-1743

Malicious code in bioql PyPI...

EUVD-2022-52750

Malicious code in bioql PyPI...

EUVD-2023-0996

Malicious code in bioql PyPI...

An Ultra-Sub-Wavelength Microwave Polarization Switch Implemented with Directed Surface Acoustic Waves in a Magnonic Crystal

The ability to switch the polarization of a transmitted electromagnetic wave from vertical to horizontal, or vice versa, is of great technological interest because of its many applications in long distance communication. Binary bits can be encoded in two orthogonal polarizations and transmitted...

CVE-2021-39193

Frontier is Substrate's Ethereum compatibility layer. Prior to commit number 0b962f218f0cdd796dadfe26c3f09e68f7861b26, a bug in pallet-ethereum can cause invalid transactions to be included in the Ethereum block state in pallet-ethereum due to not validating the input data size. Any invalid...

Malicious code in substrate-faucet (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c694048c1a8c1f3c9b8f183f75e0a9464e084cdaa8fc58c9a770190c4ab4824a Any computer that has this package installed or running should be considered...

Guillotine: Hypervisors for Isolating Malicious AIs

As AI models become more embedded in critical sectors like finance, healthcare, and the military, their inscrutable behavior poses ever-greater risks to society. To mitigate this risk, we propose Guillotine, a hypervisor architecture for sandboxing powerful AI models -- models that, by accident o...

PT-2025-7249 · Unknown · Orml Rewards

Name of the Vulnerable Software and Affected Versions: ORML Rewards pallet versions prior to the fixed version Description: A vulnerability in the add share function can lead to an uncaught Rust panic when handling user-provided input exceeding the u128 range. This issue affects any Substrate-bas...

MAL-2024-2410 Malicious code in gatsby-plugin-substrate (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in gatsby-plugin-substrate (npm)

--- -= Per source details. Do not edit below this line.=-...

Virtual Machines Do Not Start After the Upgrade of XenServer

After an upgrade of XenServer, Virtual Machines VMs will not start with the following error: Error: Starting VM 'Name-of-VM - This operation cannot be performed because the specified VDI could not be found on the storage substrate...

CVE-2023-45130

Frontier is Substrate's Ethereum compatibility layer. Prior to commit aea528198b3b226e0d20cce878551fd4c0e3d5d0, at the end of a contract execution, when opcode SUICIDE marks a contract to be deleted, the software uses storage::removeprefix now renamed to storage::clearprefix to remove all storage...