HK
Heykuki News
Top
New
Best
Ask
Show
Jobs
Toggle theme
Top
New
Best
Ask
Show
Jobs
Request
1.
▲
NPM debug and chalk packages compromised
aikido.dev
757 comments
9 months ago
universesquid
1372 points
2.
▲
Show HN: Pulsar, a browser-only GitHub PR monitor for engineering manager
pulsar.arkham-advisory.com
discuss
3 months ago
stumpyfr
2 points
3.
▲
Embedded malware in RC (NPM package)
github.com/advisories
114 comments
5 years ago
hjek
140 points
4.
▲
Pre-auth Remote Code Execution Vulnerability in Metasploit
github.com/justinsteven
25 comments
10 years ago
pimterry
140 points
5.
▲
Embedded Malicious Code in node-ipc
github.com/advisories
124 comments
4 years ago
planb
139 points
6.
▲
Embedded Malware in Coa
github.com/advisories
83 comments
5 years ago
StevePlea
137 points
7.
▲
GitHub Actions checkspelling community workflow GitHub_TOKEN leakage via symlink
github.com/justinsteven
35 comments
5 years ago
pentestercrab
129 points
8.
▲
Buffer Overflows in Notepad++
securitylab.github.com
60 comments
3 years ago
layer8
68 points
9.
▲
Claude Code CVE-2026-39861:sandbox escape via symlink
github.com/advisories
9 comments
a month ago
Armor1AI
51 points
10.
▲
Authorization Bypass in Next.js Middleware
github.com/advisories
2 comments
a year ago
nilsbunger
25 points
11.
▲
Notepad++ v8.5.6 still vulnerable to possible arbitrary code execution
securitylab.github.com
3 comments
3 years ago
dossy
18 points
12.
▲
Malware in fsevents
github.com/advisories
1 comment
3 years ago
peanut-walrus
16 points
13.
▲
Okta Auth0 JWT vulnerability CVE-2022-23529
github.com/advisories
2 comments
3 years ago
KingOfCoders
7 points
14.
▲
Legacy LVFS S3 bucket takeover and CVE-2020-10759 fwupd sig verification bypass
github.com/justinsteven
discuss
6 years ago
beefhash
6 points
15.
▲
Cloudflare/workers-OAuth-provider missing validation of redirect_URI
github.com/advisories
1 comment
a year ago
notachatbot123
5 points
16.
▲
GHSL-2021-1012: Poor random number generation in keypair – CVE-2021-41117
securitylab.github.com
discuss
5 years ago
detaro
5 points
17.
▲
Buffer Overflows in Notepad++
securitylab.github.com
2 comments
3 years ago
archy_
4 points
18.
▲
Path traversal in YouTube-dl leading to RCE – CVE-2024-38519
securitylab.github.com
discuss
2 years ago
todsacerdoti
4 points
19.
▲
Axios request smuggling via prototype pollution – Critical (CVSS 9.9)
github.com/advisories
1 comment
2 months ago
akhs
3 points
20.
▲
Malware in Ngx-Bootstrap
github.com/advisories
1 comment
9 months ago
lambdaone
3 points
21.
▲
Malware in Debug (npm)
github.com/advisories
1 comment
9 months ago
duggan
3 points
22.
▲
browserify/pbkdf2 returns predictable uninitialized/zero-filled memory
github.com/advisories
1 comment
a year ago
wslh
3 points
23.
▲
Embedded malware in ua-parser-JS (NPM package)
github.com/advisories
1 comment
5 years ago
carbonboarder
3 points
24.
▲
Embedded crypto miner in ua-parser-JS
github.com/advisories
1 comment
5 years ago
Fervicus
3 points
25.
▲
Fwupd – S3 bucket takeover and CVE-2020-10759 signature verification bypass
github.com/justinsteven
1 comment
6 years ago
pentestercrab
3 points
26.
▲
CVE-2021-41117: Poor random number generation in keypair
securitylab.github.com
discuss
5 years ago
Hackbraten
3 points
27.
▲
Legacy LVFS S3 bucket takeover and CVE-2020-10759 fwupd sig verification bypass
github.com/justinsteven
discuss
6 years ago
willlll
3 points
28.
▲
Distributed locking using PostgreSQL advisory locks
github.com/blockai
discuss
10 years ago
olalonde
3 points
29.
▲
Malware in Stylus
github.com/advisories
3 comments
a year ago
veidr
2 points
30.
▲
Vite Vulnerable to Arbitrary File Read via Vite Dev Server WebSocket
github.com/advisories
1 comment
2 months ago
lukax
2 points
More