Malicious code in weavedb-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 469844df44557b10f865edf7d3d000fd90c901c6a42cc5402116247dca1528f0 package.json declares "preinstall": "./scripts/postbuild". The referenced file is not a script but a 976,568-byte UPX-packed Linux x86-64 ELF binary...

PT-2026-35811

Name of the Vulnerable Software and Affected Versions GRASSMARLIN versions prior to 3.2.1 GRASSMARLIN version 3.2.1 Description Improper handling of XML input occurs due to insufficient hardening of the XML parsing process. This allows crafted session data, specifically within session files .gm3,...

Exploit for Expression Language Injection in Vmware Spring_Data_Mongodb

SpringData - SpEL RCE Exploit - CVE-2022-22980 Exploit pour l...

Malicious Rust Crates Steal Solana and Ethereum Keys — 8,424 Downloads Confirmed

Cybersecurity researchers have discovered two malicious Rust crates impersonating a legitimate library called fastlog to steal Solana and Ethereum wallet keys from source code. The crates, named fasterlog and asyncprintln, were published by the threat actor under the alias rustguruman and...