196 matches found
📄 WordPress Bricks 1.9.6 Remote Code Execution
Proof of concept exploit for a critical vulnerability in WordPress Bricks Builder plugin version 1.9.6 that allows unauthenticated attackers to execute arbitrary PHP code through the Bricks REST API. The attack targets the renderelement endpoint, injecting malicious instructions in the Query Edit...
Exploit for CVE-2024-25600
CVE-2024-25600 — WordPress Bricks Builder RCE PoC Unauthent...
A week in security (January 5 – January 11)
Last week on Malwarebytes Labs: pcTattletale founder pleads guilty as US cracks down on stalkerware Are we ready for ChatGPT Health? CISA warns of active attacks on HPE OneView and legacy PowerPoint Lego’s Smart Bricks explained: what they do, and what they don’t Fake WinRAR downloads hide malwar...
Lego’s Smart Bricks explained: what they do, and what they don’t
Lego just made what it claims is its most important product release since it introduced minifigures in 1978. No, it's not yet another brand franchise. It's a computer in a brick. Called the Smart Brick , it's part of a broader system called Smart Play that Lego hopes will revolutionize your child...
CVE-2024-2297
The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.6.1. This is due to insufficient validation checks placed on the createautosave AJAX function. This makes it possible for authenticated attackers, with contributor-level access and above...
Exploit for CVE-2024-25600
🧱 BrickBreaker !Pythonhttps://img.shields.io/badge/Pytho...
Exploit for CVE-2024-25600
MODIFIED CVE-2024-25600 original - https://github.com/K3ysT...
Malicious Package
Overview internal-checkout-bricks is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
EUVD-2025-33598
Malicious code in internal-checkout-bricks npm...
Malicious code in internal-checkout-bricks (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7a30a0c50c357c109e976dd834294a7f9414d5d0589e68deea9385dcdb6dff7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48283 Malicious code in internal-checkout-bricks (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7a30a0c50c357c109e976dd834294a7f9414d5d0589e68deea9385dcdb6dff7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2022-42777
Malicious code in bioql PyPI...
EUVD-2023-44077
Malicious code in bioql PyPI...
EUVD-2025-22967
Malicious code in bioql PyPI...
EUVD-2024-30713
Malicious code in bioql PyPI...
EUVD-2023-44075
Malicious code in bioql PyPI...
EUVD-2023-44076
Malicious code in bioql PyPI...
EUVD-2024-27252
Malicious code in bioql PyPI...
EUVD-2024-45468
Malicious code in bioql PyPI...
EUVD-2024-43524
Malicious code in bioql PyPI...