Malicious Package

Overview sae-viewer is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection between that...

Malicious Package

Overview videojs-sneakpeek is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection between tha...

Malicious Package

Overview backend-engineering-test is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection...

Malicious Package

Overview uchiwa is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection between that...

Malicious Package

Overview kubeman is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection between that...

Malicious Package

Overview nanoslackts-env-test is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection between...

Malicious Package

Overview braintreeexpressexample is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection betwe...

CVE-2024-47608 Logicytics vulnerable to shell injections

Logicytics is designed to harvest and collect data for forensic analysis. Logicytics has a basic vuln affecting compromised devices from shell injections. This vulnerability is fixed in 2.3.2...

CVE-2024-47608 Logicytics vulnerable to shell injections

Logicytics is designed to harvest and collect data for forensic analysis. Logicytics has a basic vuln affecting compromised devices from shell injections. This vulnerability is fixed in 2.3.2...

Logicytics 操作系统命令注入漏洞

Logicytics is a tool from Shahm Najeeb's personal developer. Designed to carefully gather and collect large amounts of Windows system data for forensic analysis. Logicytics 2.3.1 and earlier versions suffer from an operating system command injection vulnerability that stems from the presence of a...

CVE-2024-7107

Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security Services CyberMath allows Collect Data from Common Resource Locations.This issue affects CyberMath: before CYBM.240816253...

CVE-2024-7107

Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security Services CyberMath allows Collect Data from Common Resource Locations. This issue affects CyberMath: before CYBM.240816253...

PT-2024-38080 · National Keep Cyber Security Services · Cybermath

Name of the Vulnerable Software and Affected Versions: CyberMath versions before CYBM.240816253 Description: The issue affects National Keep Cyber Security Services' CyberMath, allowing external parties to access files or directories and collect data from common resource locations. Recommendation...

Web tracking report: who monitored users’ online activities in 2023–2024 the most

Web tracking has become a pervasive aspect of our online experience. Whether we're browsing social media, playing video games, shopping for products, or simply reading news articles, trackers are silently monitoring our online behavior, fueling the ceaseless hum of countless data centers worldwid...

“Simply staggering” surveillance conducted by social media and streaming services, FTC finds

The US Federal Trade Commission FTC released a report that examines the data collection and use practices of major social media and video streaming services, finding that—and this will not come as a surprise to our regular readers—the companies engaged in vast surveillance of consumers in order t...

CVE-2024-6878

Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows Collect Data from Common Resource Locations. This issue affects Panel: before v2.3.24...

CVE-2024-6878

Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows Collect Data from Common Resource Locations. This issue affects Panel: before v2.3.24...

CVE-2024-6878 Directory Browsing in Eliz Software's Panel

Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows Collect Data from Common Resource Locations. This issue affects Panel: before v2.3.24...

Eliz Panel 安全漏洞

Eliz Panel is a control panel from Eliz Corporation. A security vulnerability exists in Eliz Panel versions prior to 2.3.24 that stems from the presence of a vulnerability where a file or directory is accessible to an external party, which could allow an attacker to collect data from a public...

CVE-2024-42019

A vulnerability that allows an attacker to access the NTLM hash of the Veeam Reporter Service service account. This attack requires user interaction and data collected from Veeam Backup & Replication...