MAL-2026-5722 Malicious code in textwrap-toolkit-stager (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fc85924d5672f7c91c2dd5e97c46cc48e3ae48084f906b7b0ba9d606c433fa4 On import textwraptoolkitstager, the package's init.py unconditionally fetches Python source from...

UAT-8302 and its box full of malware

Cisco Talos is disclosing UAT-8302, a sophisticated, China-nexus advanced persistent threat APT group targeting government entities in South America since at least late 2024 and government agencies in southeastern Europe in 2025. After successful compromises, UAT-8302 deploys multiple custom-made...

Adobe Bridge 15.1.4 < 15.1.5 / 16.x < 16.0.3 Multiple Vulnerabilities (APSB26-39)

The version of Adobe Bridge installed on the remote Windows host is prior to 15.1.5 or 16.0.3. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb26-39 advisory. - Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability th...

Adobe Bridge 15.1.4 < 15.1.5 / 16.x < 16.0.3 Multiple Vulnerabilities (APSB26-39)

The version of Adobe Bridge installed on the remote macOS or Mac OS X host is prior to 15.1.5 or 16.0.3. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb26-39 advisory. - Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow...

Adobe Substance3D Stager Resource Management Error Vulnerability (CNVD-2026-16826)

Adobe Substance3D Stager is a set and rendering software for 3D scenes from the American company Audobee Adobe. A security vulnerability exists in Adobe Substance3D Stager. The vulnerability stems from a mix-up in the instructions responsible for freeing memory, which can be exploited by attacker...

HTTPS Fetch, Windows Upload/Execute, Reverse Ordinal TCP Stager (No NX or Win7)

Fetch and execute an x86 payload from an HTTPS server. Uploads an executable and runs it staged. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/upexec/reverseordtcp msf payloadreverseordtcp show actions ...actions... msf payloadreverseordtcp set ACTION msf...

HTTPS Fetch, Reverse TCP Stager (No NX or Win7)

Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker No NX Module Options msf use payload/cmd/windows/https/x86/vncinject/reversenonxtcp msf payloadreversenonxtcp show actions ...actions... msf payloadreversenonxtcp set ACTION msf payloadreversenonxtcp show options...

HTTPS Fetch, Windows Upload/Execute, Hidden Bind Ipknock TCP Stager

Fetch and execute an x86 payload from an HTTPS server. Uploads an executable and runs it staged. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method you can spoof it with tools like hping. After that you coul...

HTTPS Fetch, Windows Upload/Execute, Reverse TCP Stager (No NX or Win7)

Fetch and execute an x86 payload from an HTTPS server. Uploads an executable and runs it staged. Connect back to the attacker No NX Module Options msf use payload/cmd/windows/https/x86/upexec/reversenonxtcp msf payloadreversenonxtcp show actions ...actions... msf payloadreversenonxtcp set ACTION...

HTTPS Fetch, Windows Command Shell, Reverse TCP Stager

Fetch and execute an x86 payload from an HTTPS server. Spawn a piped command shell staged. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/shell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp sho...

HTTPS Fetch, Windows Upload/Execute, Bind TCP Stager (Windows x86)

Fetch and execute an x86 payload from an HTTPS server. Uploads an executable and runs it staged. Listen for a connection Windows x86 Module Options msf use payload/cmd/windows/https/x86/upexec/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp...

HTTPS Fetch, Windows Command Shell, Windows x86 Bind Named Pipe Stager

Fetch and execute an x86 payload from an HTTPS server. Spawn a piped command shell staged. Listen for a pipe connection Windows x86 Module Options msf use payload/cmd/windows/https/x86/shell/bindnamedpipe msf payloadbindnamedpipe show actions ...actions... msf payloadbindnamedpipe set ACTION msf...

HTTPS Fetch, Windows Command Shell, Reverse All-Port TCP Stager

Fetch and execute an x86 payload from an HTTPS server. Spawn a piped command shell staged. Try to connect back to the attacker, on all possible ports 1-65535, slowly Module Options msf use payload/cmd/windows/https/x86/shell/reversetcpallports msf payloadreversetcpallports show actions...

HTTPS Fetch, Windows Command Shell, Reverse TCP Stager (No NX or Win7)

Fetch and execute an x86 payload from an HTTPS server. Spawn a piped command shell staged. Connect back to the attacker No NX Module Options msf use payload/cmd/windows/https/x86/shell/reversenonxtcp msf payloadreversenonxtcp show actions ...actions... msf payloadreversenonxtcp set ACTION msf...

HTTPS Fetch, Reverse Ordinal TCP Stager (No NX or Win7)

Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/vncinject/reverseordtcp msf payloadreverseordtcp show actions ...actions... msf payloadreverseordtcp set ACTION msf payloadreverseordtcp show options ...show an...

HTTPS Fetch, Windows x86 Reverse Named Pipe (SMB) Stager

Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker via a named pipe pivot Module Options msf use payload/cmd/windows/https/x86/peinject/reversenamedpipe msf payloadreversenamedpipe show actions ...actions... msf payloadreversenamedpipe set ACTION msf...

HTTPS Fetch, Windows Command Shell, Bind TCP Stager (Windows x86)

Fetch and execute an x86 payload from an HTTPS server. Spawn a piped command shell staged. Listen for a connection Windows x86 Module Options msf use payload/cmd/windows/https/x86/shell/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show...

HTTPS Fetch, Windows Command Shell, Reverse TCP Stager (IPv6)

Fetch and execute an x86 payload from an HTTPS server. Spawn a piped command shell staged. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/https/x86/shell/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf...

HTTPS Fetch, Windows Command Shell, Reverse Ordinal TCP Stager (No NX or Win7)

Fetch and execute an x86 payload from an HTTPS server. Spawn a piped command shell staged. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/shell/reverseordtcp msf payloadreverseordtcp show actions ...actions... msf payloadreverseordtcp set ACTION msf...

HTTPS Fetch, Windows Command Shell, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)

Fetch and execute an x86 payload from an HTTPS server. Spawn a piped command shell staged. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/shell/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf...