Over the holidays, the npm package registry was flooded with more than 3,000 packages, including one called "everything," and others named a variation of the word. These 3,000+ packages make it ...
Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply chains.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results