505 matches found
EUVD-2020-0692
Malware in sbrugna...
EUVD-2015-6289
Malware in sbrugna...
EUVD-2016-4179
Malware in sbrugna...
EUVD-2004-1455
Malware in sbrugna...
EUVD-2022-55210
Malicious code in bioql PyPI...
The Coordinated Embassy Hunt: Unmasking the DPRK-linked GitHub C2 Espionage Campaign
By Pham Duy Phuc and Alex Lanstein · August 18, 2025. The Trellix Advanced Research Center uncovered a sophisticated espionage operation targeting diplomatic missions across several regions in South Korea during...
Scammers mass-mailing the Efimer Trojan to steal crypto
In June, we encountered a mass mailing campaign impersonating lawyers from a major company. These emails falsely claimed the recipient's domain name infringed on the sender's rights. The messages contained the Efimer malicious script, designed to steal cryptocurrency. This script als...
AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
Cybersecurity researchers have flagged a malicious npm package that was generated using artificial intelligence (AI) and concealed a cryptocurrency wallet drainer. The package, @kodane/patch-manager, claims to offer "advanced license validation and registry optimization utilities for high-performan...
Hackers Exploit SAP Vulnerability to Breach Linux Systems and Deploy Auto-Color Malware
Threat actors have been observed exploiting a now-patched critical SAP NetWeaver flaw to deliver the Auto-Color backdoor in an attack targeting a U.S.-based chemicals company in April 2025. "Over the course of three days, a threat actor gained access to the customer's network, attempted to downlo...
CVE-2025-31965
CVE-2025-31965 concerns HCL BigFix Remote Control Server WebUI, affected on version 10.1.0.0248 and earlier. The root issue is improper access restrictions that allow non-admin users to view unauthorized information on certain pages (authorization bypass). The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:R...
CVE-2022-4978
Remote Control Server, maintained by Steppschuh, 3.1.1.12 allows unauthenticated remote code execution when authentication is disabled, which is the default configuration. The server exposes a custom UDP-based control protocol that accepts remote keyboard input events without verification. An...
CastleLoader Malware Infects 469 Devices Using Fake GitHub Repos and ClickFix Phishing
Cybersecurity researchers have shed light on a new versatile malware loader called CastleLoader that has been put to use in campaigns distributing various information stealers and remote access trojans (RATs). The activity employs Cloudflare-themed ClickFix phishing attacks and fake GitHub...
CVE-2022-4978 Steppschuh Remote Control Server 3.1.1.12 Unauthenticated RCE
Remote Control Server, maintained by Steppschuh, 3.1.1.12 allows unauthenticated remote code execution when authentication is disabled, which is the default configuration. The server exposes a custom UDP-based control protocol that accepts remote keyboard input events without verification. An...
Remote Control Server Security Vulnerability
Remote Control Server is a remote control server by Stephan Schultz, an individual developer. A security vulnerability exists in Remote Control Server version 3.1.1.12 that originates from unauthenticated remote code execution and could lead to complete system compromise...
PT-2025-30586 · Steppschuh · Dg Remote Control Server
Name of the Vulnerable Software and Affected Versions: Remote Control Server versions 3.1.1.12 Description: Remote Control Server, maintained by Steppschuh, allows unauthenticated remote code execution when authentication is disabled, which is the default configuration. The server exposes a custo...
CVE-2025-46080
HuoCMS V3.5.1 has a File Upload Vulnerability. An attacker can exploit this flaw to bypass whitelist restrictions and craft malicious files with specific suffixes, thereby gaining control of the server...
New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto
Embedded Linux-based Internet of Things (IoT) devices have become the target of a new botnet dubbed PumaBot. Written in Go, the botnet is designed to conduct brute-force attacks against SSH instances to expand in size and scale and deliver additional malware to the infected hosts. "Rather than...
CVE-2023-32563
An unauthenticated attacker could achieve code execution through a RemoteControl server...
Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Million Potential Victims
Counterfeit Facebook pages and sponsored ads on the social media platform are being employed to direct users to fake websites masquerading as Kling AI with the goal of tricking victims into downloading malware. Kling AI is an artificial intelligence (AI)-powered platform to synthesize images and...