packages

7 days ago

10 Best Patch Management Tools in 2025

In today’s digital landscape, maintaining secure and efficient IT systems is critical for organizations. Patch management tools play a vital…
Read More »
1 week ago

Model Context Protocol Flaw Allows Attackers to Compromise Victim Systems

A critical vulnerability in the widely adopted Model Context Protocol (MCP), an open standard for integrating generative AI (GenAI) tools…
Read More »
3 weeks ago

Vite Development Server Flaw Allows Attackers Bypass Path Restrictions

A critical security vulnerability, CVE-2025-31125, has been identified in the Vite development server. Due to improper path verification during URL request…
Read More »
March 10, 2025

WinDbg Vulnerability Allows Attackers to Execute Remote Code

Microsoft recently disclosed a critical vulnerability impacting its debugging tool, WinDbg, and associated .NET packages. Tracked CVE-2025-24043, this flaw allows…
Read More »
March 9, 2025

New PyPI Malware Targets Developers to Steal Ethereum Wallets

A recent discovery by the Socket Research Team has unveiled a malicious PyPI package named set-utils, designed to steal Ethereum…
Read More »
February 27, 2025

GitLab Vulnerabilities Allow Attackers to Bypass Security and Run Arbitrary Scripts

GitLab has urgently released security updates to address multiple high-severity vulnerabilities in its platform that could allow attackers to bypass…
Read More »
December 28, 2024

New ‘OtterCookie’ Malware Attacking Software Developers Via Fake Job Offers

Palo Alto Networks reported the Contagious Interview campaign in November 2023, a financially motivated attack targeting various organizations, unlike typical…
Read More »
December 27, 2024

Beware of New Malicious PyPI packages That Steals Login Details

Two malicious Python packages, Zebo-0.1.0 and Cometlogger-0.1, were recently detected by Fortinet’s AI-driven OSS malware detection system. These packages, spotted…
Read More »
December 26, 2024

Researchers Uncovered Dark Web Operation Acquiring KYC Details

A major dark web operation dedicated to circumventing KYC (Know Your Customer) procedures, which involves the systematic collection and exploitation…
Read More »
December 26, 2024

IBM AIX TCP/IP Vulnerability Lets Attackers Exploit to Launch Denial of Service Attack

IBM has issued a security bulletin warning of two vulnerabilities in its AIX operating system that could potentially lead to…
Read More »