Heykuki News
Top
New
Best
Ask
Show
Jobs
Toggle theme
Login
Top
New
Best
Ask
Show
Jobs
91.
▲
Nx compromised: malware uses Claude code CLI to explore the filesystem
(semgrep.dev)
493 points
neuroo
9 months ago
39 comments
92.
▲
CVE-2026-33691: OWASP CRS whitespace padding bypass vulnerability
3 points
relunsec
2 months ago
discuss
93.
▲
Malicious versions of Nx and some supporting plugins were published
(github.com/nrwl)
443 points
longcat
9 months ago
433 comments
94.
▲
Helm local code execution via a malicious chart
(github.com/helm)
172 points
irke882
a year ago
94 comments
95.
▲
Arbitrary file execution in TZinfo (Ruby)
(github.com/tzinfo)
106 points
Ichaelus
4 years ago
25 comments
96.
▲
Trivy ecosystem supply chain temporarily compromised
(github.com/aquasecurity)
102 points
batch12
3 months ago
37 comments
97.
▲
Composer leaks contents of tokens configured as GitHub OAuth tokens
(github.com/composer)
70 points
damienwebdev
23 days ago
27 comments
98.
▲
Malicious URLs cause Git (v2.26.0) to present stored credentials to wrong server
(github.com/git)
29 points
vwpolo3
6 years ago
2 comments
99.
▲
CVE-2024-23832 Mastodon Vulnerability: Remote user impersonation and takeover
(github.com/mastodon)
21 points
niel
2 years ago
3 comments
100.
▲
Flatpak: Complete Sandbox Escape
(github.com/flatpak)
20 points
eyberg
2 months ago
discuss
101.
▲
CVE-2025-5689: New authd users logging in via SSH are members of the root group
(github.com/ubuntu)
11 points
detaro
a year ago
discuss
102.
▲
Unauthenticated Remote Code Execution in Erlang/OTP SSH
(github.com/erlang)
8 points
asa400
a year ago
discuss
103.
▲
1-day RCE vulnerability in vim
(github.com/vim)
7 points
weinzierl
2 months ago
2 comments
104.
▲
Insecure Random Number Generation
(github.com/juliangruber)
7 points
Tomte
5 years ago
1 comment
105.
▲
Libfuse io_uring use-after-free and NULL deref (CVE-2026-33150, CVE-2026-33179)
(github.com/libfuse)
5 points
agarwal72
2 months ago
2 comments
106.
▲
Hardcoded Auth Token in RustFS (CVE-2025-68926)
(github.com/rustfs)
5 points
Tiberium
5 months ago
1 comment
107.
▲
CVE in jsoup: users should upgrade to version 1.14.2 [CVSS 7.5]
(github.com/jhy)
3 points
lrngjcb
5 years ago
1 comment
108.
▲
Axios: Unrestricted Cloud Metadata Exfiltration via Header Injection Chain
(github.com/axios)
3 points
mhsdef
2 months ago
discuss
109.
▲
Unauthorized of Cline CLI with modified postinstall script to install OpenClaw
(github.com/cline)
3 points
tamnd
4 months ago
discuss
110.
▲
New authd users logging in via SSH are members of the root group
(github.com/ubuntu)
3 points
emreb
a year ago
discuss
111.
▲
Container breakout through process.cwd trickery and leaked fds
(github.com/opencontainers)
3 points
todsacerdoti
2 years ago
discuss
112.
▲
Show HN: Automated Kubernetes Pod Security Policy Creation
(github.com/sysdiglabs)
3 points
derek0405
7 years ago
discuss
113.
▲
Heap memory corruption in ASN.1 parsing code
(github.com/programa-stic)
3 points
tshtf
10 years ago
discuss
114.
▲
Unauthenticated Object Write Vulnerability in MinIO
(github.com/minio)
2 points
llui85
2 months ago
1 comment
115.
▲
Displaying a crafted file in Tabby terminal can run shell commands
(github.com/Eugeny)
2 points
logickkk1
17 days ago
discuss
116.
▲
Denial of Service Vulnerability in React Server Components
(github.com/facebook)
2 points
karimf
a month ago
discuss
117.
▲
macOS Stats: Local Privilege Escalation via Exposed XPC Method
(github.com/exelban)
2 points
inatreecrown2
4 months ago
discuss
118.
▲
.NET Security Feature Bypass Vulnerability
(github.com/dotnet)
2 points
alexis2b
8 months ago
discuss
119.
▲
Malicious versions of Nx and some supporting plugins were published
(github.com/nrwl)
2 points
todsacerdoti
9 months ago
discuss
120.
▲
Visual Studio Code for Linux Remote Code Execution Vulnerability CVE-2024-43601
(github.com/microsoft)
2 points
agrmohit
2 years ago
discuss
More