495 matches found
ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories
Bad week. Turns out the easiest way to get hacked in 2026 is still the same old garbage: shady packages, fake apps, forgotten DNS junk, scam ads, and stolen logins getting dumped into Discord channels like it’s normal. Some of these attack chains don’t even feel sophisticated anymore. More like...
MAL-2026-3364 Malicious code in quicklytookerv (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 eeb02e3ddf9f61661d72bac1e244227aa8b6a8a88ab1226a521cc7aa48d5da37 The package silently exfiltrates screenshots and basic data. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in quicklytookerv (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 eeb02e3ddf9f61661d72bac1e244227aa8b6a8a88ab1226a521cc7aa48d5da37 The package silently exfiltrates screenshots and basic data. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
PT-2026-38400
Name of the Vulnerable Software and Affected Versions Weblate versions prior to 5.17.1 Description The screenshots, tasks, and component link API endpoints allow for the enumeration of translations within a project that the user should not be able to access. Recommendations Update to version 5.17...
Malicious code in randomchoicemas (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0dc4c38310ad4ec9a939abd09fa48fce4f2f2e91e02389d59f3fefc30eda4c2c The package silently exfiltrates screenshots and basic data. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Why Sharing a Screenshot Can Get You Jailed in the UAE
The war in Iran has drawn attention to arrests in the United Arab Emirates over online content, but the legal framework behind that enforcement has existed for years...
Malicious code in nwin32tls (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a47778618cad57dbc584afdff7ed138032b69c423a9812e1bc8f86c13129f01d Importing the module starts a loop that listens to key strokes and on every capslock press exfiltrates screenshot to a hardcoded location. --- Category:...
PT-2026-28499
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.12 Description The software embeds long-lived shared gateway credentials directly within pairing setup codes. These codes are generated by the /pair API endpoint and the OpenClaw qr command. If setup codes are...
CVE-2026-33711
Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on the use of a temporary file for QEMU to write the screenshot to which is then picked up and sent to the user prior to deletion. As versions prior to 6.23.0 use predictable...
MAL-2026-2020 Malicious code in aiolrucache (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8b847ab6789b3a3848d887f76adae74d05523dd4cb1a974372518679d27ed70e The package masquerades as a utility, but during import, code loads obfuscated modules with RAT- and spyware-like functionality, including: exfiltrating files,...
Malicious code in aiolrucache (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8b847ab6789b3a3848d887f76adae74d05523dd4cb1a974372518679d27ed70e The package masquerades as a utility, but during import, code loads obfuscated modules with RAT- and spyware-like functionality, including: exfiltrating files,...
pentesting-notes
🔐 Pentesting Notes Personal penetration testing documentati...
pentesting-writeups
🔐 Pentesting Writeups Personal penetration testing document...
Malicious code in myproject-bola (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f85bf2df7a8a311b7140ca4086746ecf3c26b219843b96c1f9f8c22f505e7edc Starting the module initiates an infostealer with a Telegram bot and RAT-like functionality and hardcoded credentials. The code automatically adds itself to...
MAL-2026-1091 Malicious code in myproject-bola (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f85bf2df7a8a311b7140ca4086746ecf3c26b219843b96c1f9f8c22f505e7edc Starting the module initiates an infostealer with a Telegram bot and RAT-like functionality and hardcoded credentials. The code automatically adds itself to...
Malicious code in isb (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 93750cbddba7897fde1d31836971e11082ad2076012c7caf708980de45827840 Starting the module initiates an infostealer with a Telegram bot and RAT-like functionality and hardcoded credentials. The code automatically adds itself to...
CVE-2026-26049
The web management interface of the device renders the passwords in a plaintext input field. The current password is directly visible to anyone with access to the UI, potentially exposing administrator credentials to unauthorized observation via shoulder surfing, screenshots, or browser form...
CVE-2026-26049 Jinan USR IOT Technology Limited (PUSR) USR-W610 Insufficiently Protected Credentials
The web management interface of the device renders the passwords in a plaintext input field. The current password is directly visible to anyone with access to the UI, potentially exposing administrator credentials to unauthorized observation via shoulder surfing, screenshots, or browser form...
CVE-2026-26049
CVE-2026-26049 affects the Jinan USR IOT USR-W610 embedded web interface. The vulnerability is that the web UI renders the administrator password in a plaintext input field, making the current password directly visible to anyone with UI access and enabling credential exposure via shoulder surfing...
PT-2026-21241
The web management interface of the device renders the passwords in a plaintext input field. The current password is directly visible to anyone with access to the UI, potentially exposing administrator credentials to unauthorized observation via shoulder surfing, screenshots, or browser form...