Lucene search
K

5 matches found

OSV
OSV
added 2026/04/14 12:35 p.m.8 views

MAL-2026-2882 Malicious code in cjs-biginteger (npm)

big.js typosquat campaign - SSH backdoor implantation, credential and crypto wallet theft --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad18a38aa59b5edbd05dbdf229f4d013446f970fe18b41e54ffc1c24a926d2bd The package cjs-biginteger was found to contain malicious...

5.9AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/11 7:44 p.m.2 views

CVE-2026-31976 xygeni-action v5 tag poisoned with C2 backdoor

xygeni-action is the GitHub Action for Xygeni Scanner. On March 3, 2026, an attacker with access to compromised credentials created a series of pull requests 46, 47, 48 injecting obfuscated shell code into action.yml. The PRs were blocked by branch protection rules and never merged into the main...

9.3CVSS6AI score0.00496EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2023/10/24 6:33 a.m.144 views

Backdoor Implanted on Hacked Cisco Devices Modified to Evade Detection

The backdoor implanted on Cisco devices by exploiting a pair of zero-day flaws in IOS XE software has been modified by the threat actor so as to escape visibility via previous fingerprinting methods. "Investigated network traffic to a compromised device has shown that the threat actor has upgrade...

10CVSS9.2AI score0.99571EPSS
Exploits28
ThreatPost
ThreatPost
added 2020/03/31 9:16 p.m.50 views

Watering-Holes Target Asian Ethnic Victims with Flash Update Decoy

An extensive campaign has surfaced that targets Windows users belonging to a specific Asian religious and ethnic group. The attack making use of a series of watering-hole websites and a drive-by download gambit relying on fake Flash updates. According to analysis from Kaspersky, released on...

7.8AI score
Exploits0References9
exploitpack
exploitpack
added 2019/10/18 12:0 a.m.36 views

Joomla! 3.4.6 - Remote Code Execution

Joomla! 3.4.6 - Remote Code Execution Exploit Title: Joomla! 3.4.6 - Remote Code Execution Google Dork: N/A Date: 2019-10-02 Exploit Author: Alessandro Groppo Vendor Homepage: https//www.joomla.it/ Software Link: https://downloads.joomla.org/it/cms/joomla3/3-4-6 Version: 3.0.0 -- 3.4.6 Tested on:...

Exploits0
Rows per page
Query Builder