Malicious code in nativescript-swisspost-pcc-creative-editor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9c9ef8861d14485e696e98c66d95ee5c2a5a608b213841c9c18b254003ae049 Package masquerades as an internal Swiss Post NativeScript package name nativescript-swisspost-pcc-creative-editor, description literally Security Po...

MAL-2026-5793 Malicious code in nativescript-swisspost-pcc-creative-editor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9c9ef8861d14485e696e98c66d95ee5c2a5a608b213841c9c18b254003ae049 Package masquerades as an internal Swiss Post NativeScript package name nativescript-swisspost-pcc-creative-editor, description literally Security Po...

modern-web-swiss-army-knife (>=2.7.2 <=2.7.4) potentially affected by CVE-2026-45321 via @tanstack/router-devtools (>=1.105.0 <=1.106.0)

@tanstack/router-devtools NPM version =1.105.0, =2.7.2, =2.7.4 Source cves: CVE-2026-45321 Source advisory: SNYK:JS-TANSTACKROUTERDEVTOOLS-16640220...

Swiss-Bench 003: Evaluating LLM Reliability and Adversarial Security for Swiss Regulatory Contexts

The deployment of large language models LLMs in Swiss financial and regulatory contexts demands empirical evidence of both production reliability and adversarial security, dimensions not jointly operationalized in existing Swiss-focused evaluation frameworks. This paper introduces Swiss-Bench 003...

Apple Live Caller ID Privacy Concerns

Apple's oblivious HTTP relay for Live Caller ID Lookup iOS 18+ routes traffic through 14 third-party endpoints across six countries. These include an anonymous Delaware LLC sharing data with OpenAI, a Russian endpoint Yandex, and a Swiss GmbH whose privacy policy names "The Legal Entity to be...

Proton Mail Shared User Information with the Police

404 Media has a story about Proton Mail giving subscriber data to the Swiss government, who passed the information to the FBI. It's metadata--payment information related to a particular account--but still important knowledge. This sort of thing happens, even to privacy-centric companies like Prot...

ABB AWIN GW100 访问控制错误漏洞

The ABB AWIN GW100 is a communication gateway device produced by the Swiss company ABB. The ABB AWIN GW100 rev.2 2.0-1 and earlier versions, as well as the ABB AWIN GW120 1.2-1 and earlier versions, have a security vulnerability related to access control. This vulnerability stems from the lack of...

@farmfe/js-plugin-tailwindcss (>=0.0.2 <=0.0.20), @nohejs/core (>=1.0.0 <=1.1.106) +3 more potentially affected by CVE-2025-56647 via @farmfe/core (>=1.6.6 <=1.7.11)

@farmfe/core NPM version =1.6.6, =0.0.2, =1.0.0, =0.0.2, =2.7.0, =1.0.5, =1.3.4 Source cves: CVE-2025-56647 Source advisory: SNYK:JS-FARMFECORE-15282805...

@conglomerate/weaver (>=2.1.1 <=2.6.1), @derivative/derive (>=0.1.0 <=0.1.1) +10 more potentially affected by CVE-2025-69263 via pnpm (>=0.21.0 <=10.18.3)

pnpm NPM version =0.21.0, =2.1.1, =0.1.0, =0.1.0, =3.7.16, =2.3.0, =0.1.0, =0.2.7, =1.0.4, =1.0.7 Source cves: CVE-2025-69263 Source advisory: OSV:GHSA-7VHP-VF5G-R2FW...

EUVD-2024-46445

Malicious code in bioql PyPI...

EUVD-2025-8808

Malicious code in bioql PyPI...

EUVD-2025-8819

Malicious code in bioql PyPI...

Malicious code in swiss-army-knife (npm)

The package swiss-army-knife was found to contain malicious code...

MAL-2025-34295 Malicious code in swiss-army-knife (npm)

The package swiss-army-knife was found to contain malicious code...

Wire Swiss wire-ios 安全漏洞

Wire Swiss wire-ios is an iOS application from Wire Swiss open source. A security vulnerability exists in Wire Swiss wire-ios versions prior to 3.111.1 through 3.124.1, which originates from messages being logged in plaintext to the iOS system log, potentially leading to information disclosure...

CVE-2025-31544

Missing Authorization vulnerability in WP Messiah Swiss Toolkit For WP swiss-toolkit-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Swiss Toolkit For WP: from n/a through = 1.4.6...

CVE-2025-31546

Missing Authorization vulnerability in WP Messiah Swiss Toolkit For WP swiss-toolkit-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Swiss Toolkit For WP: from n/a through = 1.4.0...

WordPress Swiss Toolkit For WP plugin <= 1.4.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Peter Thaleikis in WordPress Plugin Swiss Toolkit For WP versions = 1.4.0...

WordPress Swiss Toolkit For WP plugin <= 1.4.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Peter Thaleikis in WordPress Plugin Swiss Toolkit For WP versions = 1.4.2...

CVE-2025-31544

Missing Authorization vulnerability in WP Messiah Swiss Toolkit For WP swiss-toolkit-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Swiss Toolkit For WP: from n/a through = 1.4.5...