Lucene search
K

181 matches found

Snyk
Snyk
added 2025/11/30 1:14 p.m.6 views

Malicious Package

Overview chai-promise-chain is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this packag...

9.8CVSS7.2AI score
Exploits0References3
Snyk
Snyk
added 2025/11/30 1:14 p.m.0 views

Malicious Package

Overview redux-motion is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package. Onc...

9.8CVSS7.2AI score
Exploits0References3
HackRead
HackRead
added 2025/11/24 11:47 a.m.4 views

New RadzaRat Spyware Poses as File Manager to Hijack Android Devices

Certo Software found RadzaRat, an Android RAT disguised as a file manager that has a 0/66 detection rate on VirusTotal. It keylogs passwords and steals files...

7.1AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-15917

Malware in sbrugna...

7.8CVSS8.6AI score0.01167EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-11539

Malware in sbrugna...

7.5CVSS7.6AI score0.02169EPSS
Exploits0References15
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-5011

Malware in sbrugna...

3.3CVSS6.4AI score0.0033EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-57656

Malicious code in bioql PyPI...

5.5CVSS5.7AI score0.00144EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-25079

Malicious code in bioql PyPI...

7.5CVSS8.4AI score0.00465EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-32049

Malicious code in bioql PyPI...

3.3CVSS4.7AI score0.00303EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2025/09/19 12:0 a.m.3 views

Quantum Keystroke Logging

Superdense coding has long been regarded as a secure quantum communication protocol. It is natural to assume that employing logical quantum states with error-correcting capability would not compromise this security. However, in the context of GKP-based quantum communication, we propose a...

6.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2018-19865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A keystroke logging issue was discovered in Virtual Keyboard in Qt 5.7.x, 5.8.x, 5.9.x, 5.10.x, and 5.11.x before 5.11.3. CVE-2018-19865 Note that Nessus relies...

7.5CVSS7.1AI score0.02169EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2025/08/04 6:19 a.m.4 views

PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads

Cybersecurity researchers have discovered a nascent Android remote access trojan RAT called PlayPraetor that has infected more than 11,000 devices, primarily across Portugal, Spain, France, Morocco, Peru, and Hong Kong. "The botnet's rapid growth, which now exceeds 2,000 new infections per week, ...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/07/23 12:58 p.m.17 views

New Coyote Malware Variant Exploits Windows UI Automation to Steal Banking Credentials

The Windows banking trojan known as Coyote has become the first known malware strain to exploit the Windows accessibility framework calledUI AutomationUIA to harvest sensitive information. "The new Coyote variant is targeting Brazilian users, and uses UIA to extract credentials linked to 75 banki...

7.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 9:9 a.m.5 views

CVE-2024-27886

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sonoma 14.4, macOS Ventura 13.7. An unprivileged app may be able to log keystrokes in other apps including those using secure input mode...

7.5CVSS7.1AI score0.00465EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:46 a.m.4 views

CVE-2024-27799

This issue was addressed with additional entitlement checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7. An unprivileged app may be able to log keystrokes in other apps including those using secure input mode...

3.3CVSS7.2AI score0.00237EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:7 a.m.12 views

CVE-2023-5339

Mattermost Desktop fails to set an appropriate log level during initial run after fresh installation resulting in logging all keystrokes including password entry being logged...

5.5CVSS7AI score0.00144EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:36 a.m.11 views

CVE-2023-28351

An issue was discovered in Faronics Insight 10.0.19045 on Windows. Every keystroke made by any user on a computer with the Student application installed is logged to a world-readable directory. A local attacker can trivially extract these cleartext keystrokes, potentially enabling them to obtain...

3.3CVSS6.6AI score0.00303EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:1 a.m.8 views

CVE-2013-5171

CoreGraphics in Apple Mac OS X before 10.9 allows local users to bypass secure input mode and log an arbitrary application's keystrokes via a hotkey event registration...

3.3CVSS6.3AI score0.0033EPSS
Exploits0References1
Securelist
Securelist
added 2025/03/11 10:0 a.m.8 views

DCRat backdoor returns

Since the beginning of the year, we've been tracking in our telemetry a new wave of DCRat distribution, with paid access to the backdoor provided under the Malware-as-a-Service MaaS model. The cybercriminal group behind it also offers support for the malware and infrastructure setup for hosting t...

7.7AI score
Exploits0
OSV
OSV
added 2025/01/29 6:33 p.m.5 views

MAL-2025-618 Malicious code in requests-async (npm)

The package contains several malicious PowerShell and VBS scripts used to harvest browser data, take screenshots, log keystrokes, and establish startup persistence. It also bundles a password stealer and exfiltrates stolen data via Slack and Discord webhooks. --- -= Per source details. Do not edi...

7.2AI score
Exploits0References3
Rows per page
Query Builder