SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB of data.

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
GitHub

A java-based honeypot dashboard that sits on any website to observe SQL Injection, XSS, brute-force login attempts, admin page scans, and unauthorized access behaviors.

There was an error while loading. Please reload this page. High-Interaction Honeypot Project Overview The main objective of the high-interaction honeypot project is ...
InfoQ

Voices Enables Fast Text-to-Speech for Java Applications

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Network World

Critical SSH vulnerabilities expose enterprise network infrastructure as patching lags

Researcher at DEF CON reveals some critical challenges in widely used SSH protocol and provider recommendations on how to make it better. The Secure Shell (SSH) protocol serves as the backbone of ...
SecurityWeek

Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking

Servers exposed to complete takeover due to CVE-2025-32433, an unauthenticated remote code execution flaw in Erlang/OTP SSH. Many devices could be exposed to complete takeover due to a critical ...
The Hacker News

Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution

A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary code sans any authentication under ...
GitHub

ArrayIndexOutOfBoundsException when using JSch library (version 0.2.22) for SSH connection

We are encountering an issue while attempting to establish an SSH connection using version 0.2.22 of the JSch library in our application. Below is the stack trace for the exception encountered: ...
IEEE

Leveraging the FreeTTS Library in ATM Voice Over - A Java-based System for Enhanced Accessibility for Visually Impaired Bank Users

Abstract: The ATM speech Over project uses the Free TTS package to provide speech feedback in a Java based ATM simulation to improve accessibility. It offers unambiguous spoken instructions for basic ...
GizChina

Chinese Hackers Hijack Linux Network Devices via SSH

A Chinese hacking group, called Evasive Panda (or DaggerFly), has found a new way to attack Linux-based network devices. By using the SSH (Secure Shell) daemon, the group adds malware to systems, ...
Bleeping Computer

Chinese cyberspies use new SSH backdoor in network device hacks

A Chinese hacking group is hijacking the SSH daemon on network appliances by injecting malware into the process for persistent access and covert operations. The newly identified attack suite has been ...