YARA-X 1.17.0

YARA-X is a re-incarnation of YARA, a pattern matching tool designed with malware researchers in mind. This new incarnation intends to be faster, safer and more user-friendly than its predecessor. The ultimate goal of YARA-X is replacing YARA as the default pattern matching tool for malware...

Anonymous YARA Rules Are Not Anonymous

YARA rules are widely shared across threat intelligence communities to enable collective defence against malware. This practice implicitly assumes that removing metadata e.g., author fields sufficiently protects the identity of contributing organisations. To assess the validity of this assumption...

A Large Language Model Approach to Generating Bypass Rules for Malware Evasion in Analysis Sandbox

Sandbox evasion remains a critical challenge for automated malware analysis, as modern malware employs environment checks to detect analysis platforms and suppress malicious behavior. Existing approaches rely on manually crafted bypass rules that require deep reverse engineering of each evasion...

GHSA-P8XM-42R7-89XG vulnerabilities

Vulnerabilities for packages: yara-x...

CVE-2026-44216 vulnerabilities

Vulnerabilities for packages: yara-x...

CVE-2026-44216 vulnerabilities

Vulnerabilities for packages: yara-x...

GHSA-P8XM-42R7-89XG vulnerabilities

Vulnerabilities for packages: yara-x...

YARA-X 1.16.0

YARA-X is a re-incarnation of YARA, a pattern matching tool designed with malware researchers in mind. This new incarnation intends to be faster, safer and more user-friendly than its predecessor. The ultimate goal of YARA-X is replacing YARA as the default pattern matching tool for malware...

Static Attribution of Android Residential Proxy Malware Using Graph Kernels

Android residential proxy applications represent a growing class of potentially-unwanted programs PUPs that covertly route third-party traffic through end-user devices, enabling ad fraud, credential abuse, and evasion of geolocation controls by sophisticated threat actors. Attributing an unknown...

TLSCheck 2.0: An Enhanced Memory Forensics Approach to Efficiently Detect TLS Callbacks

Memory analysis is a crucial technique in digital forensics that enables investigators to examine the runtime state of a system through physical memory dumps. While significant advances have been made in memory forensics, the detection and analysis of Thread Local Storage TLS callbacks remain...

YARA-X 1.15.0

YARA-X is a re-incarnation of YARA, a pattern matching tool designed with malware researchers in mind. This new incarnation intends to be faster, safer and more user-friendly than its predecessor. The ultimate goal of YARA-X is replacing YARA as the default pattern matching tool for malware...

Exploit for Race Condition in Canonical Ubuntu_Linux

Dillu-Analyzer 🛡️ Dillu Analyzer — A web-based universal malwa...

Malicious code in react-refresh-update (npm)

Package contains highly obfuscated code with dynamic execution using eval, a strong indicator of malicious intent. YARA rule matches confirm. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68cf0c0bd6ed2a8c07bc175b5c0cc7f86a49133e67dd5d8f68f37309c5f1a463 The...

Malicious code in spectral-corsair-my-backdoor (npm)

Malicious package detected. Suspicious preinstall script exfiltrates data to a remote server. Multiple YARA rules and LLM analysis confirm. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0826a28f7948e68cdddd6260a01c3653a7f04deb2c9368054243ed47713ee353 The packa...

MAL-2026-1374 Malicious code in spectral-corsair-my-backdoor (npm)

Malicious package detected. Suspicious preinstall script exfiltrates data to a remote server. Multiple YARA rules and LLM analysis confirm. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0826a28f7948e68cdddd6260a01c3653a7f04deb2c9368054243ed47713ee353 The packa...

Ubuntu: Security Advisory (USN-8080-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : YARA vulnerabilities (USN-8080-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8080-1 advisory. Kamil Frankowicz discovered that a number of YARA's functions generated memory exceptions when processing specially crafted rules...

USN-8080-1: YARA vulnerabilities

Kamil Frankowicz discovered that a number of YARA's functions generated memory exceptions when processing specially crafted rules or files. A remote attacker could possibly use these issues to cause YARA to crash, resulting in a denial of service. These issues only affected Ubuntu 16.04 LTS...

YARA-X 1.14.0

YARA-X is a re-incarnation of YARA, a pattern matching tool designed with malware researchers in mind. This new incarnation intends to be faster, safer and more user-friendly than its predecessor. The ultimate goal of YARA-X is replacing YARA as the default pattern matching tool for malware...

SUSE CVE-2026-24845

malcontent discovers supply-chain compromises through. context, differential analysis, and YARA. Starting in version 0.10.0 and prior to version 1.20.3, malcontent could be made to expose Docker registry credentials if it scanned a specially crafted OCI image reference. malcontent uses...