📄 Backdoor.Win32.ControlTotal.t MVID-2025-0702 Insecure Credential Storage

Backdoor.Win32.ControlTotal.t malware listens on TCP port 2032 and requires authentication. The password "jdf4df4vdf" is stored in cleartext within the PE file. Discovery / credits: Malvuln John Page aka hyp3rlinx c 2025 Original source:...

EUVD-2019-1080

Malware in sbrugna...

EUVD-2022-2199

Malicious code in bioql PyPI...

Siemens SIMATIC RTLS Locating Manager 安全漏洞

Siemens SIMATIC RTLS Locating Manager is an RTLS locating manager from Siemens, Germany. A security vulnerability exists in Siemens SIMATIC RTLS Locating Manager versions prior to V3.3, which stems from improperly protected credentials and could result in elevated privileges...

CVE-2019-3640

Unprotected Transport of Credentials in ePO extension in McAfee Data Loss Prevention 11.x prior to 11.4.0 allows remote attackers with access to the network to collect login details to the LDAP server via the ePO extension not using a secure connection when testing LDAP connectivity...

IBM CICS TX Standard Web UI Cross-Site Scripting Vulnerability

IBM CICS TX Standard is a comprehensive single transaction runtime package from International Business Machines IBM, Inc. It can provide a cloud-native deployment model for standalone applications. A cross-site scripting vulnerability exists in IBM CICS TX Standard version 11.1, which stems from...

Rancher's RKE1 Encryption Config kept in plain-text within cluster AppliedSpec

Impact This issue is only relevant to clusters provisioned using RKE1 with secrets encryption configuration enabled. A vulnerability has been identified in which an RKE1 cluster keeps constantly reconciling when secrets encryption configuration is enabled please see the RKE documentation. When...

PT-2023-7551 · Unknown · Trace Mode

Name of the Vulnerable Software and Affected Versions: TRACE MODE affected versions not specified Description: The issue is related to the unencrypted storage of credentials in the SCADA system. Exploitation of this issue could allow an attacker to modify user privileges, potentially granting...

CVE-2022-34805

Jenkins Skype notifier Plugin 1.1.0 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system...

Iranian state-sponsored APT group MuddyWater targeting organizations via malicious executables

THREAT LEVEL: Red. United States Cyber Command USCYBERCOM has warned of an ongoing cyber attack by Iranian state sponsored actor named as MuddyWater. This APT group is currently targeting Middle Eastern countries and has also targeted European and North American nations. The Iranian-backed...