Security Intel Hub 6+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Filter

KEV only

Verified PoC

Clear filters

Critical

npm Supply Chain Attack: backslash Package Compromise (CVE-2025-59140)

CVE-2025-59140 · github.com · 2025-09-17

backslash@0.2.1

Critical

npm Supply Chain Attack: simple-swizzle Malware via Account Takeover (CVE-2025-59141)

CVE-2025-59141 · github.com · 2025-09-17

simple-swizzle@0.2.3

Critical

npm Supply Chain Attack: color-string Malware via Account Takeover (CVE-2025-59142)

CVE-2025-59142 · github.com · 2025-09-17

color-string@2.1.1

Critical

npm Supply Chain Attack: error-ex Compromised (CVE-2025-59330)

CVE-2025-59330 · github.com · 2025-09-17

error-ex@1.3.3

Critical

npm is-arrayish Supply Chain Poisoning via Compromised Account (CVE-2025-59331)

CVE-2025-59331 · github.com · 2025-09-17

is-arrayish@0.3.3

Critical

npm Supply Chain Attack: Malicious color@5.0.1 Package (CVE-2025-59143)

CVE-2025-59143 · github.com · 2025-09-17

color 5.0.1

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.

Goal Reached Thanks to every supporter — we hit 100%!

Security Intel Hub 6+

npm Supply Chain Attack: backslash Package Compromise (CVE-2025-59140)

npm Supply Chain Attack: simple-swizzle Malware via Account Takeover (CVE-2025-59141)

npm Supply Chain Attack: color-string Malware via Account Takeover (CVE-2025-59142)

npm Supply Chain Attack: error-ex Compromised (CVE-2025-59330)

npm is-arrayish Supply Chain Poisoning via Compromised Account (CVE-2025-59331)

npm Supply Chain Attack: Malicious color@5.0.1 Package (CVE-2025-59143)