305 matches found
MAL-2025-191902 Malicious code in time-server-analysis (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5f796bcefeb9b8d3af4bde36c54545d77afdcd6b63284ae58b0a6078b0bbb561 This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...
MAL-2025-191687 Malicious code in awscloud-clients-core (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e27bf5713a8bafdbcc34c43b98cc4d5e9c5d03e4952f788b12ff9749081b22d2 This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...
MAL-2025-191905 Malicious code in time-service-checker (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 92ae5fc73fd7cc45d02ba02f6c3b667d155f681ba74262d66421edee5f19d237 This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...
Malicious code in tclients-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7e1b954f34e0b9f14cca18b47f856a049c06e3503f3186ec2ae4db717a1298a8 This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...
MAL-2025-191671 Malicious code in aclient-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 aa9e5d91a1f45bce354edc5b12fcacf603db5e00dc4a48628d3fe5fff37d0eb2 This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...
MAL-2025-191871 Malicious code in snapshot-photo (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 61ed09e2fa2143dedd945c585d917ad8d7b55d7118e5093430b48c5c02d126f8 This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...
MAL-2025-191887 Malicious code in tcloud-python-sdks (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 601415ac1e4afe43331c4b78d99e406f34b4a970a365a366cdc0598c5cb22f9c This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...
MAL-2025-191721 Malicious code in enumer-iam (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8062489d0fe9ae58c1937e4afba7f0f3adfbd507e07dd81bb9450bf7f58c6943 This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...
MAL-2025-191676 Malicious code in alicloud-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6366aa8c2eff918da0f1cc2118a026e749592f71bebbe81215877575b9593c6a This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...
EMERALDWHALE Steals 15,000+ Cloud Credentials, Stores Data in S3 Bucket
Operation EMERALDWHALE compromises over 15,000 cloud credentials, exploiting exposed Git and Laravel files. Attackers use compromised S3 buckets…...
Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned
Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code. The activity, codenamed EMERALDWHALE , is estimated to have collected over 10,000 private...
Malicious code in cloud-credentials (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-4899 Malicious code in cloud-credentials (PyPI)
--- -= Per source details. Do not edit below this line.=-...
LLMjacking: An Attack Method for Stealing Cloud Credentials
...
PT-2024-19296 · Vmware · Vmware Avi Load Balancer
Name of the Vulnerable Software and Affected Versions: VMware Avi Load Balancer affected versions not specified Description: The issue concerns an information disclosure problem where a malicious actor with access to the system logs can view cloud connection credentials in plaintext...
New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials
A new malware called Cuttlefish is targeting small office and home office SOHO routers with the goal of stealthily monitoring all traffic through the devices and gather authentication data from HTTP GET and POST requests. "This malware is modular, designed primarily to steal authentication materi...
Sensitive Information leak via Log File in Kubernetes
In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log. This affects v1.19.3...
GHSA-X4X5-JV3X-9C7M `qiskit_ibm_runtime.RuntimeDecoder` can execute arbitrary code
Summary deserializing json data using qiskitibmruntime.RuntimeDecoder can be made to execute arbitrary code given a correctly formatted input string Details RuntimeDecoder is supposed to be able to deserialize JSON strings containing various special types encoded via RuntimeEncoder. However, one...
Rancher 'Audit Log' leaks sensitive information
Impact A vulnerability has been identified which may lead to sensitive data being leaked into Rancher's audit logs. Rancher Audit Logging is an opt-in feature, only deployments that have it enabled and have AUDITLEVEL set to 1 or above are impacted by this issue. The leaks might be caught in the...
Androxgh0st Malware Uses Stealthy Tactics in Pilfering Credentials
Summary: The Androxgh0st malware is building a botnet, specifically aimed at illicitly obtaining cloud credentials from popular applications such as Amazon Web Services AWS, Microsoft Office 365, SendGrid, and Twilio. This stolen data is then utilized to disseminate additional harmful payloads...