Lucene search
K

40 matches found

Akamai Blog
Akamai Blog
added 2026/03/17 12:0 p.m.11 views

The Agentic Security Crisis: Why You Need to Act Now

...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/03/11 1:30 p.m.8 views

Watch out for tax-season robocalls pushing fake “relief programs”

While Americans are sorting through paperwork to get their taxes filed in time, scammers are working overtime to grab a piece of the action. As tax season ramps up, so does scam activity. Our telemetry shows a spike in robocalls impersonating tax resolution firms, tax relief agencies, and vaguely...

5.6AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-7298

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00473EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-27957

Malicious code in bioql PyPI...

8.8CVSS6.3AI score0.01912EPSS
Exploits0References1
Wiz blog
Wiz blog
added 2025/08/27 12:0 p.m.7 views

s1ngularity: supply chain attack leaks secrets on GitHub: everything you need to know

Detect and mitigate a critical supply chain compromise affecting the Nx NPM Package. Organizations should act urgently...

7.3AI score
Exploits0
OSV
OSV
added 2025/07/30 7:17 a.m.3 views

MAL-2025-6359 Malicious code in cookie-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5c94db01436156d78a21b41d74cf372b4e12f89a2480b8986397309b1c4165b1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2025/07/15 11:53 p.m.3 views

MAL-2025-5883 Malicious code in @web-kit-package/grab-login (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b40f792f041cb54fd538d312324aefe4be963bdebc3734132184a9c3b4c875fa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2025/07/09 12:1 a.m.3 views

MAL-2025-5664 Malicious code in ai-guide (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 344da047769642e93f7d727b850c547fe9be2272daef99e44ef3f7c9b0f4bc77 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2025/07/08 11:58 p.m.2 views

MAL-2025-5671 Malicious code in berrynet (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8f54dd403bf9ea745a960f5acd6f5119e6a874444ab0bfae5660880850cebea4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Debian CVE
Debian CVE
added 2025/06/12 10:2 a.m.5 views

CVE-2025-1478

Removed by vendor...

7.5CVSS5.8AI score0.00349EPSS
Exploits0
OSV
OSV
added 2025/06/04 2:21 p.m.1 views

MAL-2025-4673 Malicious code in @sasmeee/gamble (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c87f47f35d7c73fd035a897353adf49aa127f906c05e5bb8ffa791b9465d8f71 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2025/05/27 5:12 a.m.3 views

MAL-2025-4518 Malicious code in vite-plugin-style-svg (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0a088c782de4d11381b6ebcd1c8b473f9d44157fc43c0e1cf01d289370f67c1c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/02/21 10:15 p.m.8 views

Leantime has Insufficiently Protected Credentials

Due to improper cache control an attacker can view sensitive information even if they are not logged into the account anymore. Additional Information: 1.The issue was identified during routine security testing. 2.This vulnerability poses a significant risk to user privacy and data security...

6.7AI score
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/11 12:0 a.m.2 views

PT-2025-6235 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The issue is related to a rejected reason, but specific details about the problem are not provided. There is a mention of not waiting for...

6.9AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/31 12:0 a.m.3 views

PT-2024-25272 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: A vulnerability has been identified, but details are scarce. There is a mention of not waiting for vulnerability scanning results, indicating...

7AI score
Exploits0References1
Debian CVE
Debian CVE
added 2024/12/12 12:2 p.m.8 views

CVE-2024-8233

Removed by vendor...

7.5CVSS5.8AI score0.0075EPSS
Exploits1
OSV
OSV
added 2024/12/11 12:1 a.m.6 views

MAL-2024-11764 Malicious code in plugin-proposal-json-strings (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c11469c014eaf5720410613f78c79dd6cd0aa28aca6fd52a0152441fb13b242e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/12/08 9:59 p.m.4 views

MAL-2024-11279 Malicious code in @saleswhale/barnacle (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSV
OSV
added 2024/11/25 3:21 a.m.4 views

MAL-2024-10920 Malicious code in conibase (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e70af172c9db7c1934d326429c7bc63ed721d3934ada0d8197542fb231535fec Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Trellix
Trellix
added 2024/07/29 12:0 a.m.6 views

OneDrive Pastejacking

OneDrive Pastejacking: The crafty phishing and downloader campaign By Rafael Pena · July 29, 2024 Over the past few weeks, the Trellix Advanced Research Center has observed a sophisticated Phishing/downloader campaign targeting Microsoft OneDrive users. This campaign heavily relies on social...

7.2AI score
Exploits0
Rows per page
Query Builder