181 matches found
Malicious Package
Overview chai-promise-chain is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this packag...
Malicious Package
Overview redux-motion is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package. Onc...
New RadzaRat Spyware Poses as File Manager to Hijack Android Devices
Certo Software found RadzaRat, an Android RAT disguised as a file manager that has a 0/66 detection rate on VirusTotal. It keylogs passwords and steals files...
EUVD-2018-15917
Malware in sbrugna...
EUVD-2018-11539
Malware in sbrugna...
EUVD-2013-5011
Malware in sbrugna...
EUVD-2023-57656
Malicious code in bioql PyPI...
EUVD-2024-25079
Malicious code in bioql PyPI...
EUVD-2023-32049
Malicious code in bioql PyPI...
Quantum Keystroke Logging
Superdense coding has long been regarded as a secure quantum communication protocol. It is natural to assume that employing logical quantum states with error-correcting capability would not compromise this security. However, in the context of GKP-based quantum communication, we propose a...
Linux Distros Unpatched Vulnerability : CVE-2018-19865
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A keystroke logging issue was discovered in Virtual Keyboard in Qt 5.7.x, 5.8.x, 5.9.x, 5.10.x, and 5.11.x before 5.11.3. CVE-2018-19865 Note that Nessus relies...
PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads
Cybersecurity researchers have discovered a nascent Android remote access trojan RAT called PlayPraetor that has infected more than 11,000 devices, primarily across Portugal, Spain, France, Morocco, Peru, and Hong Kong. "The botnet's rapid growth, which now exceeds 2,000 new infections per week, ...
New Coyote Malware Variant Exploits Windows UI Automation to Steal Banking Credentials
The Windows banking trojan known as Coyote has become the first known malware strain to exploit the Windows accessibility framework calledUI AutomationUIA to harvest sensitive information. "The new Coyote variant is targeting Brazilian users, and uses UIA to extract credentials linked to 75 banki...
CVE-2024-27886
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sonoma 14.4, macOS Ventura 13.7. An unprivileged app may be able to log keystrokes in other apps including those using secure input mode...
CVE-2024-27799
This issue was addressed with additional entitlement checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7. An unprivileged app may be able to log keystrokes in other apps including those using secure input mode...
CVE-2023-5339
Mattermost Desktop fails to set an appropriate log level during initial run after fresh installation resulting in logging all keystrokes including password entry being logged...
CVE-2023-28351
An issue was discovered in Faronics Insight 10.0.19045 on Windows. Every keystroke made by any user on a computer with the Student application installed is logged to a world-readable directory. A local attacker can trivially extract these cleartext keystrokes, potentially enabling them to obtain...
CVE-2013-5171
CoreGraphics in Apple Mac OS X before 10.9 allows local users to bypass secure input mode and log an arbitrary application's keystrokes via a hotkey event registration...
DCRat backdoor returns
Since the beginning of the year, we've been tracking in our telemetry a new wave of DCRat distribution, with paid access to the backdoor provided under the Malware-as-a-Service MaaS model. The cybercriminal group behind it also offers support for the malware and infrastructure setup for hosting t...
MAL-2025-618 Malicious code in requests-async (npm)
The package contains several malicious PowerShell and VBS scripts used to harvest browser data, take screenshots, log keystrokes, and establish startup persistence. It also bundles a password stealer and exfiltrates stolen data via Slack and Discord webhooks. --- -= Per source details. Do not edi...