Lucene search
K

11058 matches found

osv
osv
added 2026/04/02 8:26 p.m.7 views

MAL-2026-2431 Malicious code in nwin32tls (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a47778618cad57dbc584afdff7ed138032b69c423a9812e1bc8f86c13129f01d Importing the module starts a loop that listens to key strokes and on every capslock press exfiltrates screenshot to a hardcoded location. --- Category:...

5.9AI score
Exploits0References1
thn
thn
added 2026/04/02 9:51 a.m.5 views

WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action

Meta-owned messaging platform WhatsApp said it alerted about 200 users who were tricked into installing a bogus version of its iOS app that was infected with spyware. According to reports from Italian newspaper La Repubblica and news agency ANSA, the vast majority of the targets are located in...

5.9AI score
Exploits0
securelist
securelist
added 2026/04/01 6:0 a.m.9 views

A laughing RAT: CrystalX combines spyware, stealer, and prankware features

Introduction In March 2026, we discovered an active campaign promoting previously unknown malware in private Telegram chats. The Trojan was offered as a MaaS malware‑as‑a‑service with three subscription tiers. It caught our attention because of its extensive arsenal of capabilities. On the panel...

6.2AI score
Exploits0
ossf
ossf
added 2026/03/31 5:7 p.m.12 views

Malicious code in coredxloader (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b26408ee7735357c61e0a81e60620000999ef84eba419797b20858e5ce5b4a62 During importing, code starts a malicious script performing exfiltration of sensitive data and credentials from e.g. browsers and Discord clients to a remote...

6AI score
Exploits0References1
ossf
ossf
added 2026/03/24 8:7 p.m.9 views

Malicious code in corexloader (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 02fc84ddadc717cbd2dc073832c3c9e438f82d2671927fa79be959fea7031304 During importing, code starts a malicious script performing exfiltration of sensitive data and credentials from e.g. browsers and Discord clients to a remote...

6AI score
Exploits0References1
osv
osv
added 2026/03/24 8:7 p.m.11 views

MAL-2026-2141 Malicious code in corexloader (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 02fc84ddadc717cbd2dc073832c3c9e438f82d2671927fa79be959fea7031304 During importing, code starts a malicious script performing exfiltration of sensitive data and credentials from e.g. browsers and Discord clients to a remote...

6AI score
Exploits0References1
osv
osv
added 2026/03/24 8:7 p.m.10 views

MAL-2026-2140 Malicious code in coreloader (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f5d7c219be7c779fe573e80949a521df2a096e7358be92f99cee6a50dd252e09 During importing, code starts a malicious script performing exfiltration of sensitive data and credentials from e.g. browsers and Discord clients to a remote...

6AI score
Exploits0References1
hackread
hackread
added 2026/03/24 4:18 p.m.7 views

FBI Warns of Iran’s Handala Hack Group Using Fake Apps to Spy on Windows Users

The FBI has issued a warning about Iran-linked Handala Hack Group, targeting Windows users through fake versions of WhatsApp and Telegram...

5.8AI score
Exploits0
ossf
ossf
added 2026/03/21 10:53 p.m.8 views

Malicious code in aiolrucache (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8b847ab6789b3a3848d887f76adae74d05523dd4cb1a974372518679d27ed70e The package masquerades as a utility, but during import, code loads obfuscated modules with RAT- and spyware-like functionality, including: exfiltrating files,...

5.9AI score
Exploits0References1
malwarebytes
malwarebytes
added 2026/03/19 12:27 p.m.8 views

A DarkSword hangs over unpatched iPhones

Researchers at Google have identified an iOS exploit chain, named DarkSword, that has been used since late last year by multiple actors to infect iPhones with malware in targeted attacks. DarkSword combines six vulnerabilities in iOS and Safari to deploy malware on the device. It demonstrates, on...

7.8CVSS6.1AI score0.01319EPSS
Exploits4
thn
thn
added 2026/03/10 10:55 a.m.5 views

APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military

The Russian state-sponsored hacking group tracked as APT28 has been observed using a pair of implants dubbed BEARDSHELL and COVENANT to facilitate long‑term surveillance of Ukrainian military personnel. The two malware families have been put to use since April 2024, ESET said in a new report shar...

5.8AI score
Exploits0
malwarebytes
malwarebytes
added 2026/03/02 8:1 a.m.26 views

A week in security (February 23 – March 1)

Last week on Malwarebytes Labs: Public Google API keys can be used to expose Gemini AI data Inside a fake Google security check that becomes a browser RAT Fake Zoom and Google Meet scams install Teramind: A technical deep dive How to understand and avoid Advanced Persistent Threats The Conduent...

5.9AI score
Exploits0
ossf
ossf
added 2026/02/28 8:25 p.m.10 views

Malicious code in myproject-bola (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f85bf2df7a8a311b7140ca4086746ecf3c26b219843b96c1f9f8c22f505e7edc Starting the module initiates an infostealer with a Telegram bot and RAT-like functionality and hardcoded credentials. The code automatically adds itself to...

6AI score
Exploits0References1
ossf
ossf
added 2026/02/28 8:22 p.m.15 views

Malicious code in isb (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 93750cbddba7897fde1d31836971e11082ad2076012c7caf708980de45827840 Starting the module initiates an infostealer with a Telegram bot and RAT-like functionality and hardcoded credentials. The code automatically adds itself to...

6AI score
Exploits0References1
thn
thn
added 2026/02/26 2:28 p.m.15 views

ThreatsDay Bulletin: Kali Linux + Claude, Chrome Crash Traps, WinRAR Flaws, LockBit & 15+ Stories

Nothing here looks dramatic at first glance. That’s the point. Many of this week’s threats begin with something ordinary, like an ad, a meeting invite, or a software update. Behind the scenes, the tactics are sharper. Access happens faster. Control is established sooner. Cleanup becomes harder...

10CVSS7.2AI score0.99654EPSS
Exploits66
thn
thn
added 2026/02/16 10:24 a.m.44 views

New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft

Cybersecurity researchers have disclosed details of a new mobile spyware platform dubbed ZeroDayRAT that's being advertised on Telegram as a way to grab sensitive data and facilitate real-time surveillance on Android and iOS devices. "The developer runs dedicated channels for sales, customer...

5.6AI score
Exploits0
hackread
hackread
added 2026/02/09 10:46 a.m.7 views

China-Linked DKnife Spyware Hijacking Internet Routers Since 2019

Cisco Talos uncovers DKnife, a China-nexus framework targeting routers and edge devices. Learn how seven stealthy implants hijack data and deliver malware via AitM attacks...

5.5AI score
Exploits0
malwarebytes
malwarebytes
added 2026/02/02 8:2 a.m.8 views

A week in security (January 26 – February 1)

Last week on Malwarebytes Labs: Match, Hinge, OkCupid, and Panera Bread breached by ransomware group TikTok’s privacy update mentions immigration status. Here’s why. Meta confirms it’s working on premium subscription for its apps Microsoft Office zero-day lets malicious documents slip past securi...

5.3AI score
Exploits0
packetstormnews
packetstormnews
added 2026/02/02 12:0 a.m.13 views

Malware Detection through Memory Analysis

This paper summarizes the research conducted for a malware detection project using the Canadian Institute for Cybersecurity's MalMemAnalysis-2022 dataset. The purpose of the project was to explore the effectiveness and efficiency of machine learning techniques for the task of binary classificatio...

5.4AI score
Exploits0
hackread
hackread
added 2026/01/30 3:24 p.m.7 views

Arsink Spyware Posing as WhatsApp, YouTube, Instagram, TikTok Hits 143 Countries

Another day, another Android malware campaign targeting unsuspecting users worldwide by masquerading as popular apps...

5.9AI score
Exploits0
Rows per page
Query Builder