Malicious code in @dz-lib/dz-cli (npm)
This package has a preinstall script to download and execute a Go-variant of the Cobalt Strike beacon. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ec9421e5d1892420fe8194f8361f8c856ef3b31d6996e2554d840fc850e59a1e Any computer that has this package installed or...
Malicious code in @dz-lib/icon (npm)
This package has a preinstall script to download and execute a Go-variant of the Cobalt Strike beacon. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 48177d2f5e82546462b55524174635af9b9c224b960955ce998919a80db4d812 Any computer that has this package installed or...
Malicious code in @hi.editor/core (npm)
This package has a preinstall script to download and execute a Go-variant of the Cobalt Strike beacon...
Malicious code in @hisdk/mail-mac (npm)
This package has a preinstall script to download and execute a Go-variant of the Cobalt Strike beacon. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 396c6b416f2f3b292fa9331c7d139c100af0b05e27f9f92ab265b9767c90ec41 Any computer that has this package installed or...
Malicious code in flybook-table (npm)
This package has a preinstall script to download and execute a Go-variant of the Cobalt Strike beacon...
Malicious code in interview-question (npm)
This package has a preinstall script to download and execute a Go-variant of the Cobalt Strike beacon...
MAL-2024-12180 Malicious code in @hi.editor/core (npm)
This package has a preinstall script to download and execute a Go-variant of the Cobalt Strike beacon...
MAL-2024-12182 Malicious code in flybook-table (npm)
This package has a preinstall script to download and execute a Go-variant of the Cobalt Strike beacon...
MAL-2024-12183 Malicious code in interview-question (npm)
This package has a preinstall script to download and execute a Go-variant of the Cobalt Strike beacon...
Malicious code in bs-auto-dark-mode (npm)
This package has a preinstall script to download and execute a Go-variant of the Cobalt Strike beacon. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8a5c6958e14a49e20ebdd6902cdb4cad7872983ed4d39e94b625cc50a20314ac The OpenSSF Package Analysis project...
UBUNTU-CVE-2024-42326
A use-after-free bug was discovered in browser.c, in the es_browser_get_variant function...
PT-2024-9608 · Zabbi +2
Name of the Vulnerable Software and Affected Versions: Zabbi (affected versions not specified). Description: A use-after-free error was discovered in the es_browser_get_variant function, which can lead to a denial of service (DoS) when exploited. The issue is related to the use of memory after it has...
Analysis of Elpaco: a Mimic variant
Introduction In a recent incident response case, we dealt with a variant of the Mimic ransomware with some interesting customization features. The attackers were able to connect via RDP to the victim's server after a successful brute force attack and then launch the ransomware. After that, the...
Linux Variant of Helldown Ransomware Targets VMware ESX Servers
Cybersecurity firm Sekoia has discovered a new variant of Helldown ransomware. The article details their tactics and how…...
Bitcoin Core Security Vulnerability
Bitcoin Core is a Bitcoin open source client for verifying the validity of blockchain transactions. A security vulnerability exists in Bitcoin Core versions prior to 25.0. An attacker exploiting the vulnerability could affect the download status of other peers by sending variant blocks...
python-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant()
A vulnerability was found in Python-Django in the get_supported_language_variant() function. The issue triggers when parsed with very long strings, including a specific set of characters, leading to a potential denial of service attack...
kernel: perf: hisi: Fix use-after-free when register pmu fails
In the Linux kernel, the following vulnerability has been resolved: perf: hisi: Fix use-after-free when register pmu fails. When we fail to register the uncore pmu, the pmu context may not have been allocated. The error handling will call cpuhp_state_remove_instance() to call uncore pmu offline callback, whi...
Hackers Use Excel Files to Deliver Remcos RAT Variant on Windows
This article explains the inner workings of the Remcos RAT, a dangerous malware that uses advanced techniques to…...
CVE-2024-50138
In the Linux kernel, the following vulnerability has been resolved: bpf: Use raw_spinlock_t in ringbuf. The function bpf_ringbuf_reserve() is invoked from a tracepoint, which disables preemption. Using spinlock_t in this context can lead to a "sleep in atomic" warning in the RT variant. This issue is...
python-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant()
A vulnerability was found in Python-Django in the get_supported_language_variant() function. The issue triggers when parsed with very long strings, including a specific set of characters, leading to a potential denial of service attack...