North Korean hackers are targeting open source software developers with a backdoor and an information stealer as part of a ...
Their plan to protect open-source projects from AI-discovered security holes has led to the launch of two commercial ...
JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
TL;DR Why EN 303 645 matters ETSI EN 303 645 has given consumer IoT security a much-needed baseline. It gives manufacturers, assessors, and product teams a shared view of reasonable IoT security and ...
A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal ...
Exploit for "Bad Epoll" Linux kernel vulnerability (CVE-2026-46242) can lead to root access on desktops, servers, and Android ...
Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.
Malicious packages on the Node Package Manager (npm) and the Python Package Index (PyPI) delivered stealer malware to ...
According to Socket, malicious payment SDK packages on npm and PyPI are harvesting developer credentials and CI/CD ...
Malicious npm packages mimicking Rollup polyfill tooling steal browser data, crypto wallets, and AI tool credentials in a Lazarus-linked campaign.
OpenDDE is a preview release. CLI flags, input/output JSON fields, and released checkpoints may change between versions, and predictions are not guaranteed to be reproducible across releases. It is ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results