Threat actors compromised AsyncAPI packages and weaponized trusted CI/CD workflows to distribute malware through npm. This ...
Upwind traces multiple compromised AsyncAPI npm packages to a coordinated supply chain attack targeting software release pipelines and publishing identities.
Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites. The vulnerability, tracked as CVE-2026-4020 (CVSS ...
This software implements a polyphonic, multi-channel audio player on the Raspberry Pi. Its purpose is to trigger asynchronous audio events with low latency from a variety of trigger sources, including ...
SilicaProxy is a security proxy for artifact repositories that intercepts every package download and blocks vulnerable, deprecated, or newly published packages before they reach your builds. It sits ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results