Lucene search
K

37 matches found

Packet Storm News
Packet Storm News
added 2026/05/07 12:0 a.m.11 views

ClawGuard: Out-Of-Band Detection of LLM Agent Workflow Hijacking Via EM Side Channel

Autonomous LLM agents face a critical security risk known as workflow hijacking, where attackers subtly alter tool and skill invocations. Existing defenses rely on host-internal telemetry such as audit logs, which can be forged if the host OS is compromised. To solve this, we introduce ClawGuard,...

5.8AI score
Exploits0
Gitee
Gitee
added 2025/09/06 12:36 a.m.83 views

maltrail

It is an offensive tool for network traffic analysis. The primary CVE ID is not present in the provided context, but the tool is designed to detect malicious traffic. The target product/service or framework is not explicitly stated, but it is likely a network traffic analysis system. The...

6.7AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2025/06/06 12:0 a.m.9 views

Threat Intelligence Sweeping now supports container security telemetry data

Threat Intelligence Sweeping starts to support sweep container security telemetry data. Users can now use the TI tool to identify possible malicious activity in their container-based environments. The trigger events are visible in workbench alert...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/12 12:0 a.m.8 views

Ngrok Detected

This is an informational notice that the scanner was able to detect an Ngrok tunneling service to access the target web application. Note that this detection is included in the Remote Access Tools category. No source data...

7.3AI score
Exploits0References1
OSV
OSV
added 2024/11/06 6:46 p.m.8 views

MAL-2024-10579 Malicious code in adandu (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5f79b041fd4b5d0177f66a15f603d406d6eaeae16e312194b27685e261ce50fc A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...

7AI score
Exploits0References1
OSV
OSV
added 2024/10/16 9:12 p.m.4 views

MAL-2024-9407 Malicious code in j5gnpuiwerbngpiutbgn0iutb0p (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0e410a6e975b8a7d6930f2fbde2be25a08fd2bc8995fc57d1794fc12eaf1e019 According to the description, packages should demonstrate the dependency confusion attack. The realisation is, in fact, a spamming with packages having as the...

6.8AI score
Exploits0References1
OSV
OSV
added 2024/08/10 11:5 p.m.8 views

MAL-2024-8016 Malicious code in artifact-lab-3-package-f0727516 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4eda9e6e52c2a5a96b0b7053fcd9c738d037bc9a0c86b1a2bd7c74336691b958 Packages showing simple variants of revshell with targets to ngrok. Most probably experiments. Later versions moved to use Burp Collaborator to exfiltrate simp...

7.5AI score
Exploits0References1
OSV
OSV
added 2023/07/31 4:36 p.m.17 views

MAL-2023-1031 Malicious code in command-launcher (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a7b891d069224249cbc33b96113ab88f41f6eb292cb9a94e8232641a2e2ddf9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Malwarebytes
Malwarebytes
added 2022/12/05 11:0 p.m.15 views

Watch out for this triple threat PayPal phish

ZDNet reports an interesting form of PayPal scam sent to one of their own writers. The scam is a so-called "triple threat" phish, in that it gives the scammer three different ways to potentially collect some ill gotten gains from potential victims. The idea is that if one of the three tactics...

0.7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/11/30 2:2 p.m.19 views

Rapid7 Integration For AWS Verified Access

Today at re:invent, Amazon Web Services AWS unveiled its new AWS Verified Access service, and we are thrilled to announce that InsightIDR — Rapid7’s next-gen SIEM and XDR — will support log ingestion from this new service when it is made generally available. What Is AWS Verified Access? AWS...

1.7AI score
Exploits0
Symantec
Symantec
added 2019/10/16 12:0 a.m.23 views

Multiple Cisco Products CVE-2019-12636 Cross Site Request Forgery Vulnerability

Description Multiple Cisco Products are prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. This issue is being tracked by Cisco...

0.00645EPSS
Exploits0References1Affected Software1
ICS
ICS
added 2019/07/23 12:0 a.m.113 views

Mitsubishi Electric FR Configurator2

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low skill level to exploit Vendor: Mitsubishi Electric Equipment: Mitsubishi Electric FR Configurator2 Vulnerabilities: Improper Restriction of XML External Entity Reference, Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation...

7.1CVSS6AI score0.01019EPSS
Exploits0References6
Symantec
Symantec
added 2018/06/12 12:0 a.m.38 views

Microsoft SharePoint Server CVE-2018-8252 Remote Privilege Escalation Vulnerability

Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsof...

0.3AI score0.02472EPSS
Exploits0Affected Software2
n0where
n0where
added 2018/03/22 6:48 a.m.105 views

Detect Illegal Wireless Network Activities: WIPI-HUNTER

WipiHunter is developed for detecting illegal wireless network activities; howver, it shouldn’t be seen only as a piece of code. Instead, actually it is a philosophy. You can infer from this project new wireless network illegal activity detection methods. New methods, new ideas and different poin...

2.2AI score
Exploits0References1
Symantec
Symantec
added 2018/01/09 12:0 a.m.40 views

Microsoft Excel CVE-2018-0796 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...

9.3CVSS8.9AI score0.23257EPSS
Exploits0Affected Software2
Symantec
Symantec
added 2017/10/10 12:0 a.m.34 views

Microsoft Windows Graphics Component CVE-2017-11763 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Versi...

6.8CVSS1.1AI score0.17147EPSS
Exploits0Affected Software3
Symantec
Symantec
added 2017/06/13 12:0 a.m.43 views

Microsoft Windows Uniscribe CVE-2017-0285 Information Disclosure Vulnerability

Description Microsoft Windows Uniscribe is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Office 2007 Service Pack 3 Microsoft Office 2010 Service Pack 2...

1.9CVSS5.1AI score0.02973EPSS
Exploits2Affected Software4
Symantec
Symantec
added 2017/03/14 12:0 a.m.50 views

Microsoft Office CVE-2017-0019 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

9.3CVSS0.8AI score0.16607EPSS
Exploits0Affected Software1
Cisco Threats
Cisco Threats
added 2017/03/13 1:52 p.m.10 views

Threat Outbreak Alert RuleID28246: Email Messages Distributing Malicious Software on March 13, 2017

Medium Alert ID: 53002 First Published: 2017 March 13 13:52 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID28246 may contain the following files: Name | Si...

0.8AI score
Exploits0
Cisco Threats
Cisco Threats
added 2016/08/31 1:47 p.m.16 views

Threat Outbreak Alert RuleID24697: Email Messages Distributing Malicious Software on August 31, 2016

Medium Alert ID: 48681 First Published: 2016 August 31 13:47 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID24697 may contain the following files: Name |...

0.6AI score
Exploits0
Rows per page
Query Builder