3 matches found
CVE-2026-32623 xrdp: Heap buffer overflow in NeutrinoRDP channel reassembly
xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP sessions from xrdp to another server, the module fails to properly validate the size of reassembled fragmented virtual channel data against it...
Malicious code in prof-tg-go-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e68d60babccd176fc8f6620e7b711731ff8d6b200d2141b318f1f09482c5a903 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
Malicious PyPI Packages Using Compiled Python Code to Bypass Detection
Researchers have discovered a novel attack on the Python Package Index PyPI repository that employs compiled Python code to sidestep detection by application security tools. "It may be the first supply chain attack to take advantage of the fact that Python bytecode PYC files can be directly...