Lucene search
K

4 matches found

OSV
OSV
added 2026/03/11 10:18 p.m.6 views

GHSA-F8Q5-H5QH-33MH xygeni-action v5 tag poisoned with C2 backdoor

Description On March 3, 2026, an attacker with access to compromised credentials created a series of pull requests 46, 47, 48 injecting obfuscated shell code into action.yml. The PRs were blocked by branch protection rules and never merged into the main branch. However, the attacker used the...

9.3CVSS6AI score0.00496EPSS
Exploits0References4
Akamai Blog
Akamai Blog
added 2026/01/23 2:0 p.m.6 views

Akamai Block Storage Makes Block Disk Encryption the Default in Terraform

Learn about the early 2026 Terraform update, how the change will affect your workflow, and how to successfully navigate any issues that may arise...

5.5AI score
Exploits0
Cvelist
Cvelist
added 2026/01/08 9:56 a.m.26 views

CVE-2026-21894 n8n's Missing Stripe-Signature Verification Allows Unauthenticated Forged Webhooks

n8n is an open source workflow automation platform. In versions from 0.150.0 to before 2.2.2, an authentication bypass vulnerability in the Stripe Trigger node allows unauthenticated parties to trigger workflows by sending forged Stripe webhook events. The Stripe Trigger creates and stores a Stri...

6.5CVSS0.00432EPSS
Exploits0References3
Schneier on Security
Schneier on Security
added 2017/09/11 11:12 a.m.53 views

A Hardware Privacy Monitor for iPhones

Andrew "bunnie" Huang and Edward Snowden have designed a hardware device that attaches to an iPhone and monitors it for malicious surveillance activities, even in instances where the phone's operating system has been compromised. They call it an Introspection Engine, and their use model is a...

7AI score
Exploits0
Rows per page
Query Builder