Yadea T5 Electric Bicycles 安全漏洞

Yadea T5 Electric Bicycles is a lightweight electric bicycle designed for urban commuting by Yadea Company. The Yadea T5 Electric Bicycles have a security vulnerability, which stems from a weak authentication mechanism in the keyless entry system. By using the fixed code RF protocol, local...

A Defender-Attacker-Defender Model for Optimizing the Resilience of Hospital Networks to Cyberattacks

Considering the increasing frequency of cyberattacks affecting multiple hospitals simultaneously, improving resilience at a network level is essential. Various countermeasures exist to improve resilience against cyberattacks, such as deploying controls that strengthen IT infrastructures to limit...

CVE-2023-43300

An issue in urbanproject mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

CVE-2024-34555

Unrestricted Upload of File with Dangerous Type vulnerability in URBAN BASE Z-Downloads.This issue affects Z-Downloads: from n/a through 1.11.3...

Urban VPN Proxy Surreptitiously Intercepts AI Chats

This is pretty scary: Urban VPN Proxy targets conversations across ten AI platforms: ChatGPT, Claude, Gemini, Microsoft Copilot, Perplexity, DeepSeek, Grok xAI, Meta AI. For each platform, the extension includes a dedicated "executor" script designed to intercept and capture conversations. The...

Chrome extension slurps up AI chats after users installed it for privacy

This case highlights a growing grey area in consumer privacy: data collection that is technically disclosed, but so far outside user expectations that most people would never knowingly agree to it. The next time you tell an AI chat assistant your deepest secrets, think twice; you never know who o...

CVE-2025-36360

IBM UrbanCode Deploy (UCD) and IBM DevOps Deploy are affected by a race condition in http-session client-IP binding enforcement that may allow a session to be briefly reused from a new IP before invalidation, potentially enabling unauthorized access under certain network conditions. Affected vers...

CVE-2025-36360 IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to an Insufficient Session Expiration vulnerability

IBM UCD - IBM UrbanCode Deploy 7.1 through 7.1.2.27, 7.2 through 7.2.3.20, and 7.3 through 7.3.2.15 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.10, and 8.1 through 8.1.2.3 is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefl...

Featured Chrome Browser Extension Caught Intercepting Millions of Users' AI Chats

A Google Chrome extension with a "Featured" badge and six million users has been observed silently gathering every prompt entered by users into artificial intelligence AI-powered chatbots like OpenAI ChatGPT, Anthropic Claude, Microsoft Copilot, DeepSeek, Google Gemini, xAI Grok, Meta AI, and...

PT-2025-51282

Name of the Vulnerable Software and Affected Versions IBM UrbanCode Deploy versions 7.1 through 7.1.2.27 IBM UrbanCode Deploy versions 7.2 through 7.2.3.20 IBM UrbanCode Deploy versions 7.3 through 7.3.2.15 IBM DevOps Deploy versions 8.0 through 8.0.1.10 IBM DevOps Deploy versions 8.1 through...

IBM UrbanCode Deploy（IBM UCD）和IBM DevOps Deploy 代码问题漏洞

IBM UrbanCode Deploy IBM UCD and IBM DevOps Deploy are both products of International Business Machines IBM.IBM UrbanCode Deploy is a suite of application automation deployment tools. The tool is based on an application deployment automation management information model, and through remote agent...

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to an Insufficient Session Expiration vulnerability (CVE-2025-36)

Summary IBM DevOps Deploy / IBM UrbanCode Deploy UCD is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefly reused from a new IP address before it is invalidated. This could lead to unauthorized access under certain network...

PrivLLMSwarm: Privacy-Preserving LLM-Driven UAV Swarms for Secure IoT Surveillance

Large Language Models LLMs are emerging as powerful enablers for autonomous reasoning and natural-language coordination in unmanned aerial vehicle UAV swarms operating within Internet of Things IoT environments. However, existing LLM-driven UAV systems process sensitive operational data in...

Malicious code in urban_platypus_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ee9a6c36b738b5260ce24f2f5e5dc958a2ffd289f75b016db7cc0e129f3d42d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-101198

Malicious code in urbanplatypusz3n npm...

EUVD-2025-94416

Malicious code in urbanpythonz3n npm...

Malicious code in urban_rook_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46615d0d32f32f96a9c84a3690d1bc621cdd4cfc12522855c946ef84a514015b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-88184

Malicious code in urbanshrimpz3n npm...

EUVD-2025-75320

Malicious code in urbanchimpanzee-appteadev npm...

MAL-2025-110227 Malicious code in urban_crayfish-appteadev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96a110f635b769e91fdbf785888354f84ae408eaf237f9391320d55c3236a4b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...