Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that hides inside binary executable files triggered by a postinstall script. IronWorm is a sophisticated, Rust-based infostealer that functions as a self-replicating supply-chain attack. Its primary characteristi...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that hides inside binary executable files triggered by a postinstall script. IronWorm is a sophisticated, Rust-based infostealer that functions as a self-replicating supply-chain attack. Its primary characteristi...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that hides inside binary executable files triggered by a postinstall script. IronWorm is a sophisticated, Rust-based infostealer that functions as a self-replicating supply-chain attack. Its primary characteristi...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that hides inside binary executable files triggered by a postinstall script. IronWorm is a sophisticated, Rust-based infostealer that functions as a self-replicating supply-chain attack. Its primary characteristi...

TOR Virtual Network Tunneling Tool 0.4.9.9

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow...

Fedora 43 : tor (2026-0c38968a1b)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-0c38968a1b advisory. Update to latest upstream release https://forum.torproject.org/t/security- release-0-4-8-25-and-0-4-9-8/21559 Tenable has extracted the preceding...

[SECURITY] Fedora 43 Update: tor-0.4.9.8-1.fc43

The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and...

[SECURITY] Fedora 44 Update: tor-0.4.9.8-1.fc44

The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and...

Fedora 44 : tor (2026-5ce7cc46bb)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-5ce7cc46bb advisory. Update to latest upstream release https://forum.torproject.org/t/security- release-0-4-8-25-and-0-4-9-8/21559 Tenable has extracted the preceding...

First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups

Authorities in Europe and North America have announced the dismantling of a criminal virtual private network VPN service used by criminal actors to obscure the origins of ransomware attacks, data theft, scanning, and denial-of-service attacks. Codenamed Operation Saffron, the disruption of First...

Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload

In 2025, we observed pervasive SSH tunnel activity, which has remained active into 2026, affecting many government organizations and commercial companies in Russia and Belarus. Behind some of this activity is Cloud Atlas, a group we have known since 2014. During our investigation, we identified n...

Malicious code in natazx (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0514a0df660dfc4e7380f68e8533fa325ccc246ba21855975f73d3af78cd9f0 On import natazx, the package's top-level code executes several installer-hostile actions without consent: 1 it unconditionally overwrites the host's...

MAL-2026-3778 Malicious code in natazx (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0514a0df660dfc4e7380f68e8533fa325ccc246ba21855975f73d3af78cd9f0 On import natazx, the package's top-level code executes several installer-hostile actions without consent: 1 it unconditionally overwrites the host's...

Security update for tor (critical)

openSUSE Security Update: Security update for tor Announcement ID: openSUSE-SU-2026:0164-1 Rating: critical References: 1264341 1264342 1264343 1264344 1264345 1264346 Cross-References: CVE-2026-44597 CVE-2026-44599 CVE-2026-44600 CVE-2026-44601 CVE-2026-44602 CVE-2026-44603 Affected Products:...

CVE-2026-44600

A flaw was found in Tor. This vulnerability occurs due to mishandling of the conflux out-of-order queue accounting during queue clearing. A remote attacker with high attack complexity could exploit this flaw, leading to a denial of service...

CVE-2026-44599

A flaw was found in Tor. This vulnerability allows a remote attacker to manipulate directory information by attempting or accepting specific BEGINDIR messages through an internal mechanism known as conflux legs. This could result in a low integrity impact, where the accuracy or trustworthiness of...

CVE-2026-44597

A flaw was found in Tor. A remote attacker can exploit an out-of-bounds read vulnerability when an END, TRUNCATE, or TRUNCATED cell lacks a reason in its payload. This can lead to a denial of service, making the Tor service unavailable...

openSUSE 16 Security Update : tor (openSUSE-SU-2026:20709-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20709-1 advisory. Changes in tor: - Update to 0.4.9.8 Fix out-of-bounds read boo1264341, CVE-2026-44597, TROVE-2026-011 Do not attempt or accept BEGINDIR via...

[SECURITY] [DSA 6260-1] tor security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6260-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 10, 2026 https://www.debian.org/security/faq -...

Debian dsa-6260 : tor - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6260 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6260-1 [email protected]...