CVE-2026-7516

A vulnerability was identified in the Lenovo Android Application, distributed exclusively on tablets in the Chinese market, that could allow a website visited by the built-in browser to overwrite system clipboard contents...

Cross-site Scripting (XSS)

Overview @jupyterlab/apputils-extension is a JupyterLab - Application Utilities Extension Affected versions of this package are vulnerable to Cross-site Scripting XSS via the handling of data-commandlinker-command and data-commandlinker-args attributes in HTML content. An attacker can execute...

Malicious code in sher-net (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f87dc8302df47889be1acee83b535b423d7f04e597ed61cca62dc2727f4d5d46 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...

Malicious code in sentinel-tool (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5a2ff07802c4546c40d47d3780971506115297a1e8c177be36ad1e003dd62937 The package installs a remote executable that uses a hardcoded Telegram channel for monitoring the user's activity, including regularly taking screenshots, and...

Inside a fake Google security check that becomes a browser RAT

A website styled to resemble a Google Account security page is distributing what may be one of the most fully featured browser-based surveillance toolkits we have observed in the wild. Disguised as a routine security checkup, it walks victims through a four-step flow that grants the attacker push...

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code VS Code Marketplace that are designed to infect developer machines with stealer malware. The VS Code extensions masquerade as a premium dark theme and an artificial intelligence AI-powered coding assistan...

EUVD-2018-13571

Malware in sbrugna...

EUVD-2002-1274

Malware in sbrugna...

EUVD-2006-2611

Malware in sbrugna...

EUVD-2010-3896

Malware in sbrugna...

EUVD-2004-0906

Malware in sbrugna...

EUVD-2018-13563

Malware in sbrugna...

EUVD-2008-0673

Malware in sbrugna...

EUVD-2020-5033

Malware in sbrugna...

EUVD-2007-6355

Malware in sbrugna...

EUVD-2019-3403

Malware in sbrugna...

EUVD-2013-0443

Malware in sbrugna...

EUVD-1999-1433

Malware in sbrugna...

EUVD-1999-0384

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-17480

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert...