MAL-2023-2272 Malicious code in sloana (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 25898ab1b9774b92af1f740bfd1366de9381ea6feb7f1c184d7abf8c375d5ac8 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in vypeer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 0926e885c8038ccc7c9b5163a85a2b76fbfadfd385c2ea05477ccc493a664ceb Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

MAL-2023-1654 Malicious code in bitcionlib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 4da0fa1d0611659a48bd40ca29cab25429d6128113ede37bc01bf2189f97d4e8 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in bbitcoinlib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx d4ae626d55de07d317671da449112e6758ad9550639e86a53a4349d44da0aad2 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in ibtcoinlib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx c6808d88b17a3f48bec02829a95864c92b924fc72c48269b79401cad99212228 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

MAL-2023-1721 Malicious code in cryptocompae (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 1f96db8a11352eb1672bf334796a7f50903eaf34d76696d3840c568f12092e9f Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in cryptocomapre (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx a89417c87ac231046e9865ee3d066199d0a6e5d3760851bf6018b6f8b357598f Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in cryyptocompare (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 79a521216bcaad1d0f52cfdfc7ef82841b97d7d6a04a6b61e7eace10bed5b77f Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in ccryptofeed (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx c8fba011f0180ec1c042cfb37437774531268f0cc8507b60abb5ef8bd1b2a6e1 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in ffreqtrade (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx bf7a4b9e4df05f2afe50991d0b64e59312ddc06d1d8af631cedcbb4a0ed0d991 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

MAL-2023-1831 Malicious code in ffreqtrade (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx bf7a4b9e4df05f2afe50991d0b64e59312ddc06d1d8af631cedcbb4a0ed0d991 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in reqtrade (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9eafd0ca4dd4d799f7fc2c72d39f61b3ea59fd355085c35889d3f640f62bb992 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Type confusion

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

CVE-2023-0286

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

CVE-2023-0286

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

No More Macros? Better Watch Your Search Results!

No More Macros? Better Watch Your Search Results! By Pham Duy Phuc · February 08, 2023 This blog was also written by Max Kersten Threat actors often rely on the same techniques until their hand is forced, usually due to defensive changes or chance-based opportunities, to leverage a new technique...

X.400 address type confusion in X.509 `GeneralName`

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

CVE-2023-0286

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

Input validation

OpenDDS is an open source C++ implementation of the Object Management Group OMG Data Distribution Service DDS. OpenDDS applications that are exposed to untrusted RTPS network traffic may crash when parsing badly-formed input. This issue has been patched in version 3.23.1...

CVE-2023-23932 Specially crafted RTPS message may cause an OpenDDS application to crash

OpenDDS is an open source C++ implementation of the Object Management Group OMG Data Distribution Service DDS. OpenDDS applications that are exposed to untrusted RTPS network traffic may crash when parsing badly-formed input. This issue has been patched in version 3.23.1...