4650 matches found
Malicious code in taurus-babel-betelgeuse-sync (npm)
The package taurus-babel-betelgeuse-sync was found to contain malicious code...
Malicious code in element-ui-public-publish-sync (npm)
The package element-ui-public-publish-sync was found to contain malicious code...
Malicious code in hydra-gatsby-fomalhaut-sync (npm)
The package hydra-gatsby-fomalhaut-sync was found to contain malicious code...
Malicious code in biohacking-lacerta-redgiant-sync (npm)
The package biohacking-lacerta-redgiant-sync was found to contain malicious code...
Malicious code in despina-sync-forever-forever (npm)
The package despina-sync-forever-forever was found to contain malicious code...
MAL-2025-44128 Malicious code in element-ui-public-publish-sync (npm)
The package element-ui-public-publish-sync was found to contain malicious code...
MAL-2025-45727 Malicious code in quasarjet-gridsome-greatfilter-sync (npm)
The package quasarjet-gridsome-greatfilter-sync was found to contain malicious code...
Malicious code in eslint-plugin-gridsome-zenobia-sync (npm)
The package eslint-plugin-gridsome-zenobia-sync was found to contain malicious code...
Malicious code in iota-sync-json-andromeda (npm)
The package iota-sync-json-andromeda was found to contain malicious code...
MAL-2025-44171 Malicious code in eslint-plugin-gridsome-zenobia-sync (npm)
The package eslint-plugin-gridsome-zenobia-sync was found to contain malicious code...
MAL-2025-46242 Malicious code in taurus-babel-betelgeuse-sync (npm)
The package taurus-babel-betelgeuse-sync was found to contain malicious code...
MAL-2025-44754 Malicious code in janus-install-bunyan-sync (npm)
The package janus-install-bunyan-sync was found to contain malicious code...
MAL-2025-43978 Malicious code in despina-sync-forever-forever (npm)
The package despina-sync-forever-forever was found to contain malicious code...
Insertion of Sensitive Information into Log File
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the error handling for parameters marshalling. An attacker can obtain sensitive service account tokens sent to the providers by accessing log files containing these credentials...
CVE-2025-7445
Kubernetes secrets-store-sync-controller in versions before 0.0.2 discloses service account tokens in logs...
CVE-2025-7445
Kubernetes secrets-store-sync-controller in versions before 0.0.2 discloses service account tokens in logs...
CVE-2025-7445 Kubernetes secrets-store-sync-controller discloses service account tokens in logs
Kubernetes secrets-store-sync-controller in versions before 0.0.2 discloses service account tokens in logs...
Where Have All the Firewalls Gone? Security Consequences of Residential IPv6 Transition
IPv4 NAT has limited the spread of IoT botnets considerably by default-denying bots' incoming connection requests to in-home devices unless the owner has explicitly allowed them. As the Internet transitions to majority IPv6, however, residential connections no longer require the use of NAT. This...
PT-2025-36631
Hello Kubernetes Community, A security issue was discovered in secrets-store-sync-controller where an actor with access to the controller logs could observe service account tokens. These tokens could then potentially be exchanged with external cloud providers to access secrets stored in cloud vau...
PT-2025-36106
Name of the Vulnerable Software and Affected Versions Kubernetes secrets-store-sync-controller versions prior to 0.0.2 Description The Kubernetes secrets-store-sync-controller discloses service account tokens in logs. Recommendations Update to version 0.0.2 or later...