1844 matches found
FTP Fetch, Linux Command Shell, Reverse TCP Stager
Fetch and execute an MIPSBE payload from an FTP server. Spawn a command shell staged. Connect back to the attacker Module Options msf use payload/cmd/linux/ftp/mipsbe/shell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show...
Malicious code in vps-new-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3a87c3a5996e3d81f13922de94c19e39af1be7c9b6920fc9ade4f43edd838b7 The package's main entry dist/index.js re-exports createServerAdapter from./server/index.js, causing that module to evaluate on any require/import of...
MAL-2026-6945 Malicious code in jsonschemavalidation (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eae82aa94c358f1f00f8a12e8b583cee82efdcf09d2f80263e6851ac0fec98f3 The PyPI project jsonschemavalidation builds a wheel whose installed top-level package is literally jsonschema tool.hatch.build.targets.wheel package...
Malicious code in jsonschemavalidation (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eae82aa94c358f1f00f8a12e8b583cee82efdcf09d2f80263e6851ac0fec98f3 The PyPI project jsonschemavalidation builds a wheel whose installed top-level package is literally jsonschema tool.hatch.build.targets.wheel package...
Malicious code in vps-maintenance (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da5dcc405a10775ace9fab68ee0a5ddf9bcad770d29e20f999df6d41072e46b1 On import of dist/server/index.js, a top-level block spawns a detached shell that 1 appends a hardcoded attacker ssh-ed25519 public key comment eni@l...
MAL-2026-6756 Malicious code in vps-maintenance (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da5dcc405a10775ace9fab68ee0a5ddf9bcad770d29e20f999df6d41072e46b1 On import of dist/server/index.js, a top-level block spawns a detached shell that 1 appends a hardcoded attacker ssh-ed25519 public key comment eni@l...
MAL-2026-6757 Malicious code in vps-maintenance-paperclip-adapter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48d7d517534385e3776097217c197836517e4f4d84ef29598724c4398bfc875e On import of the server entry module, a top-level try block detaches a shell process that 1 appends an attacker-controlled ssh-ed25519 public key to...
Malicious code in vps-maintenance-paperclip-adapter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48d7d517534385e3776097217c197836517e4f4d84ef29598724c4398bfc875e On import of the server entry module, a top-level try block detaches a shell process that 1 appends an attacker-controlled ssh-ed25519 public key to...
Malicious code in paperclip2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6fbcfc445b1a599943dac3ca0691633629c6804037b38fcf6113062f6add848 package.json declares a postinstall lifecycle script that runs node -e code opening a TCP connection to 185.112.147.174:7007 and piping the socket to...
MAL-2026-6755 Malicious code in paperclip2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6fbcfc445b1a599943dac3ca0691633629c6804037b38fcf6113062f6add848 package.json declares a postinstall lifecycle script that runs node -e code opening a TCP connection to 185.112.147.174:7007 and piping the socket to...
Malicious code in @appupdate/cdn-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 445a7b613694730e29915d732e3df0700d145622b279b62b0a141c76211e6f14 Package @appupdate/cdn-sync ships as a thin koffi wrapper around prebuilt Go cgo native libraries 12MB linux.so, 11MB darwin.dylib for x64/arm64. The...
MAL-2026-6531 Malicious code in @appupdate/cdn-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 445a7b613694730e29915d732e3df0700d145622b279b62b0a141c76211e6f14 Package @appupdate/cdn-sync ships as a thin koffi wrapper around prebuilt Go cgo native libraries 12MB linux.so, 11MB darwin.dylib for x64/arm64. The...
Malicious code in improvado-layout-panel-metrics (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61cc6b0b5d5efe4675f4159e8bc8f6380970614c1dc36b553207fa73fa66104e The package's top-level fluentpanelmetrics/init.py defines bootstrapruntimeprofile and unconditionally invokes it at import. The function opens a TCP...
MAL-2026-6231 Malicious code in improvado-layout-panel-metrics (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61cc6b0b5d5efe4675f4159e8bc8f6380970614c1dc36b553207fa73fa66104e The package's top-level fluentpanelmetrics/init.py defines bootstrapruntimeprofile and unconditionally invokes it at import. The function opens a TCP...
MAL-2026-6182 Malicious code in fluent-panel-metrics (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95598f66d3e0a4ecbfe9dcd01c1d5f0be9b78bee23b200758a92dac8f8a00d9e fluentpanelmetrics/init.py defines bootstrapruntimeprofile and invokes it unconditionally at module load. The function opens a TCP socket to the...
Malicious code in fluent-panel-metrics (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95598f66d3e0a4ecbfe9dcd01c1d5f0be9b78bee23b200758a92dac8f8a00d9e fluentpanelmetrics/init.py defines bootstrapruntimeprofile and invokes it unconditionally at module load. The function opens a TCP socket to the...
Malicious code in hello-test-s1 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e168a49ebd07050fbf35d1cd9714b289903c0593b9bdef27874f975be60461b7 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...
MAL-2026-5812 Malicious code in hello-test-s1 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e168a49ebd07050fbf35d1cd9714b289903c0593b9bdef27874f975be60461b7 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...
Exploit for CVE-2026-42945
CVE-2026-42945 NGINX Rift RCE PoC with Reverse Shell Remote...
lab-purple-team
Lab Purple Team - Active Directory !screenshots/wazuhsecu...