News

Windows Report1d
Malicious NPM packages are stealing data and damaging systems
Security experts at Socket’s Threat Research team, have discovered a campaign in the NPM ecosystem, which includes Malicious ...
Developer Tech1d
60 malicious npm packages caught mapping developer networks
The npm registry is once again in the spotlight, this time battling a malware campaign using malicious packages to map ...
The Hacker News1d
Critical Versa Concerto Flaws Let Attackers Escape Docker and Compromise Hosts
Three critical Versa Concerto flaws disclosed after 90 days allow remote code execution via reverse proxy misconfigurations.
GitHub2d
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
Tsunami relies heavily on its plugin system to provide basic scanning capabilities. All publicly available Tsunami plugins are hosted in a separate google/tsunami-security-scanner-plugins repository.
CSO Online2d
Prompt injection flaws in GitLab Duo highlights risks in AI assistants
Researchers managed to trick GitLab’s AI-powered coding assistant to display malicious content to users and leak private source code by injecting hidden prompts in code comments, commit messages and ...
CSO Online3d
GitHub package limit put law firm in security bind
A cautionary tale of how a developer tool limit case could derail cybersecurity protections if not for quick thinking, public ...
GitHub5d
Pterodactyl Wings
Blueprint Create and install Pterodactyl addons and themes with the growing Blueprint framework - the package-manager for ... panel repository to report any issues or make feature requests for Wings.