diff --git a/httpdocs/dist b/httpdocs/dist
index 87ed8af44e..87d677b084 160000
--- a/httpdocs/dist
+++ b/httpdocs/dist
@@ -1 +1 @@
-Subproject commit 87ed8af44e9d3a8cc1bb4b4b3223ea51b2bf1ea7
+Subproject commit 87d677b084375db1ceddd6f2328f4943d1c734b5
diff --git a/scripts/locales/en.lua b/scripts/locales/en.lua
index c3912408cf..65a3b52df8 100644
--- a/scripts/locales/en.lua
+++ b/scripts/locales/en.lua
@@ -946,6 +946,7 @@ local lang = {
 ["lateral_movement_descr"] = "Denied service detected %{info} %{href}",
 ["list_download_failed"] = "List Download Failed",
 ["list_download_succeeded"] = "List Download Succeeded",
+ ["local_host_blacklisted"] = "Local Host Blacklisted",
 ["local_only"] = "Local Hosts Only",
 ["local_origin_remote_target"] = "Local Origin - Remote Target",
 ["login_failed"] = "Login Failed",
@@ -1233,6 +1234,7 @@ local lang = {
 ["connection_time_out"] = "The server connection timeout out after %{duration} seconds",
 ["disable_some_list"] = "Please disable some lists in order to fix this.",
 ["download_succeeded"] = "List '%{name}' downloaded successfully",
+ ["local_host_blacklisted"] = "Local host %{host} found in blacklist '%{name}'",
 ["edit_list"] = "Edit Category List",
 ["enabled"] = "Enabled",
 ["error_occurred"] = "An error occurred while downloading list '%{name}': %{err}",
diff --git a/scripts/lua/modules/alert_definitions/other/alert_local_host_blacklisted.lua b/scripts/lua/modules/alert_definitions/other/alert_local_host_blacklisted.lua
new file mode 100644
index 0000000000..14e5bb95ff
--- /dev/null
+++ b/scripts/lua/modules/alert_definitions/other/alert_local_host_blacklisted.lua
@@ -0,0 +1,52 @@
+--
+-- (C) 2019-22 - ntop.org
+--
+
+-- ##############################################
+
+local other_alert_keys = require "other_alert_keys"
+-- Import the classes library.
+local classes = require "classes"
+-- Make sure to import the Superclass!
+local alert = require "alert"
+local alert_entities = require "alert_entities"
+
+-- ##############################################
+
+local alert_local_host_blacklisted = classes.class(alert)
+
+-- ##############################################
+
+alert_local_host_blacklisted.meta = {
+ alert_key = other_alert_keys.alert_local_host_blacklisted,
+ i18n_title = "alerts_dashboard.local_host_blacklisted",
+ icon = "fas fa-fw fa-sticky-note",
+ entities = {
+ alert_entities.system
+ },
+}
+
+-- ##############################################
+
+-- @brief Prepare an alert table used to generate the alert
+-- @param list_name The name of the succeeded list as string
+-- @param host IP address of the host found on blacklist
+-- @return A table with the alert built
+function alert_local_host_blacklisted:init(list_name, host)
+ -- Call the parent constructor
+ self.super:init()
+
+ self.alert_type_params = {
+ name = list_name, host = host
+ }
+end
+
+-- #######################################################
+
+function alert_local_host_blacklisted.format(ifid, alert, alert_type_params)
+ return i18n("category_lists.local_host_blacklisted", {name = alert_type_params.name, host = alert_type_params.host})
+end
+
+-- #######################################################
+
+return alert_local_host_blacklisted
diff --git a/scripts/lua/modules/alert_keys/other_alert_keys.lua b/scripts/lua/modules/alert_keys/other_alert_keys.lua
index e61f4dc969..eb61fe13c6 100644
--- a/scripts/lua/modules/alert_keys/other_alert_keys.lua
+++ b/scripts/lua/modules/alert_keys/other_alert_keys.lua
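Review bot: The LDoc block above `alert_local_host_blacklisted:init` reads as copied from the list-download-succeeded alert: `@param list_name The name of the succeeded list as string` describes the wrong thing, and `@return A table with the alert built` documents a return value that `init` does not produce (it only fills `self.alert_type_params`). Suggested lines: `-- @param list_name Name of the category list (blacklist) in which the host was found, as string` and `-- @param host IP address of the local host found in that list`, with the `@return` line dropped or reworded to say the alert is populated in place. A one-line comment on `format` stating that `ifid` and `alert` are unused and that `i18n` is expected to be a global provided by the caller would also help the next reader.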
@@ -91,7 +91,8 @@ local other_alert_keys = {
 alert_network_score_per_host = OTHER_BASE_KEY + 78,
 alert_dhcp_storm = OTHER_BASE_KEY + 79,
 alert_snmp_interface_errors = OTHER_BASE_KEY + 80,
- alert_snmp_device_traffic_change = OTHER_BASE_KEY + 81,
+ alert_snmp_device_traffic_change = OTHER_BASE_KEY + 81,
+ alert_local_host_blacklisted = OTHER_BASE_KEY + 82,
 }
 
 -- ##############################################
diff --git a/scripts/lua/modules/lists_utils.lua b/scripts/lua/modules/lists_utils.lua
index 3ea44a03b4..ac985917e3 100644
--- a/scripts/lua/modules/lists_utils.lua
+++ b/scripts/lua/modules/lists_utils.lua
@@ -251,6 +251,9 @@ local function initListCacheDir()
 ntop.mkdir(os_utils.fixPath(string.format("%s/category_lists", dirs.workingdir)))
 end
 
+-- ##############################################
+
+
 local function getListCacheFile(list_name, downloading)
 local f = string.format("%s/category_lists/%s.txt", dirs.workingdir, list_name)
 
@@ -290,6 +293,8 @@ local function getNextListUpdate(list)
 return next_update
 end
 
+-- ##############################################
+
 -- Returns true if the given list should be updated
 function shouldUpdate(list_name, list, now)
 local list_file
@@ -363,12 +368,8 @@ local function checkListsUpdate(timeout)
 list.status.num_errors = 0
 needs_reload = true
 
- local alert = alert_consts.alert_types.alert_list_download_succeeded.new(
- list_name
- )
-
+ local alert = alert_consts.alert_types.alert_list_download_succeeded.new(list_name)
 alert:set_score_notice()
-
 alert:store(alerts_api.systemEntity(list_name))
 
 msg = msg .. "OK"
@@ -490,6 +491,15 @@ local function loadListItem(host, category, user_custom_categories, list, num_li
 if (list and list.name) then
 if not ntop.loadCustomCategoryIp(host, category, list.name) then
 loadWarning(string.format("Failure loading IP '%s' category '%s' in list '%s'", host, category, list.name))
+ else
+ if((category == CUSTOM_CATEGORY_MALWARE) and ntop.isLocalAddress(host)) then
+ local alert = alert_consts.alert_types.alert_local_host_blacklisted.new(list.name, host)
+
+ alert:set_score_error()
+ alert:store(alerts_api.systemEntity(list.name, host))
+
+ -- loadWarning(string.format("Found local IP '%s' in malware list '%s'", host, list.name))
+ end
 end
 end
diff --git a/src/IpAddress.cpp b/src/IpAddress.cpp
index 425db28f16..7869b8d123 100644
--- a/src/IpAddress.cpp
+++ b/src/IpAddress.cpp
@@ -168,7 +168,7 @@ void IpAddress::checkIP() {
 if(addr.ipType.ipv6.u6_addr.u6_addr8[0] == 0xFF)
 addr.multicastIP = true;
 
- if (ntop->isLocalAddress(AF_INET6, (void*)&addr.ipType.ipv6, &local_network_id))
+ if(ntop->isLocalAddress(AF_INET6, (void*)&addr.ipType.ipv6, &local_network_id))
 addr.localIP = true;
 }
 }
diff --git a/src/LuaEngineNtop.cpp b/src/LuaEngineNtop.cpp
index a66ee7e8d3..c839caaa5f 100644
--- a/src/LuaEngineNtop.cpp
+++ b/src/LuaEngineNtop.cpp
@@ -3421,7 +3421,8 @@ static int ntop_is_local_interface_address(lua_State* vm) {
 char *host;
 IpAddress ipa;
 
- if(ntop_lua_check(vm, __FUNCTION__, 1, LUA_TSTRING) != CONST_LUA_OK) return(ntop_lua_return_value(vm, __FUNCTION__, CONST_LUA_ERROR));
+ if(ntop_lua_check(vm, __FUNCTION__, 1, LUA_TSTRING) != CONST_LUA_OK)
+ return(ntop_lua_return_value(vm, __FUNCTION__, CONST_LUA_ERROR));
 
 host = (char*)lua_tostring(vm, 1);
 ipa.set(host);
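Review bot: `alert:store(alerts_api.systemEntity(list.name, host))` passes two arguments to `systemEntity`, while the existing call in `checkListsUpdate` passes only `list_name`; if `systemEntity` accepts a single value, `host` is silently dropped and every flagged host of a list is stored under the same entity. Please confirm the signature and, if needed, build the entity value from both fields explicitly. The new branch also runs inside `loadListItem`, which is executed for every entry on each list load, so the same host is likely to be re-alerted on every reload or restart unless the alert layer deduplicates; verify that this is intended. The commented-out `loadWarning(...)` line should be removed or restored rather than left as dead code; `loadListItem` itself starts before this hunk.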
@@ -3434,6 +3435,53 @@ static int ntop_is_local_interface_address(lua_State* vm) {
 /* ****************************************** */
 
+static int ntop_is_local_address(lua_State* vm) {
+ char *host, *slash;
+ IpAddress ipa;
+ char shadow[64];
+
+ if(ntop_lua_check(vm, __FUNCTION__, 1, LUA_TSTRING) != CONST_LUA_OK)
+ return(ntop_lua_return_value(vm, __FUNCTION__, CONST_LUA_ERROR));
+
+ host = (char*)lua_tostring(vm, 1);
+ snprintf(shadow, sizeof(shadow), "%s", host);
+
+ if((slash = strchr(shadow, '/')) != NULL) {
+ /* network/CIDR */
+ char *ip, *mask;
+ u_int8_t nmask_bits;
+ int16_t local_network_id;
+
+ shadow[0] = '\0';
+ ip = shadow, mask = &shadow[1];
+ nmask_bits = (u_int8_t)atoi(mask);
+
+ if(strchr(ip, ':') != NULL) {
+ /* IPv6 */
+ struct ndpi_in6_addr ipv6;
+
+ if(inet_pton(AF_INET6, ip, &ipv6) <= 0)
+ lua_pushboolean(vm, false);
+ else
+ lua_pushboolean(vm, ntop->isLocalAddress(AF_INET6, (void*)&ipv6, &local_network_id, &nmask_bits));
+ } else {
+ /* IPv4 */
+ u_int32_t addr = inet_addr(ip);
+
+ lua_pushboolean(vm, ntop->isLocalAddress(AF_INET, &addr, &local_network_id, &nmask_bits));
+ }
+ } else {
+ ipa.set(shadow);
+
+ /* Check if this IP address is local (-m) */
+ lua_pushboolean(vm, ipa.isLocalHost());
+ }
+
+ return(ntop_lua_return_value(vm, __FUNCTION__, CONST_LUA_OK));
+}
+
+/* ****************************************** */
+
 static int ntop_get_resolved_address(lua_State* vm) {
 char *key, *tmp,rsp[256], value[280];
 Redis *redis = ntop->getRedis();
 
@@ -6441,6 +6489,7 @@ static luaL_Reg _ntop_reg[] = {
 { "isAllowedInterface", ntop_is_allowed_interface },
 { "isAllowedNetwork", ntop_is_allowed_network },
 { "isLocalInterfaceAddress", ntop_is_local_interface_address },
+ { "isLocalAddress", ntop_is_local_address },
 { "md5", ntop_md5 },
 { "hasRadiusSupport", ntop_has_radius_support },
 { "hasLdapSupport", ntop_has_ldap_support },
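Review bot: In the `network/CIDR` branch of `ntop_is_local_address`, `shadow[0] = '\0';` terminates the copied string at its first byte, so `ip` is always the empty string and `mask = &shadow[1]` points at the second character of the original input rather than at the digits after the slash; `slash` is located but never used afterwards, which suggests the split was meant to happen at the slash. As written an entry such as `192.168.1.0/24` ends up as `inet_addr("")` and `atoi("92.168.1.0/24")`, so a local network listed with a prefix length is never reported as local. The IPv4 path also hands the result of `inet_addr` to `ntop->isLocalAddress` without checking for `INADDR_NONE`, unlike the IPv6 path which checks `inet_pton`; since these strings come from downloaded category lists, malformed entries should be rejected the same way instead of being looked up as an address. The rewritten branch below leaves the rest of the function as it is.
```cpp
  if((slash = strchr(shadow, '/')) != NULL) {
    /* … unchanged: local declarations … */
    *slash = '\0';                    /* split "addr/bits" at the slash, not at shadow[0] */
    ip = shadow, mask = slash + 1;
    nmask_bits = (u_int8_t)atoi(mask);

    if(strchr(ip, ':') != NULL) {
      /* … unchanged: IPv6 branch … */
    } else {
      /* IPv4 */
      u_int32_t addr = inet_addr(ip);

      if(addr == INADDR_NONE)          /* unparsable address: treat as not local, like the IPv6 path */
        lua_pushboolean(vm, false);
      else
        lua_pushboolean(vm, ntop->isLocalAddress(AF_INET, &addr, &local_network_id, &nmask_bits));
    }
```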