305 matches found
Malicious code in telethon2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 2f513e1bd0172cda035284efad9368870bc46158926c112ccd7fc881e6af75be Malicious Typosquatting packages campaign targeting developers, steals cloud service credentials Source: google-open-source-security...
Malicious code in aws-consoler2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx b37bd86b6f9bda9d03029c9d2fa09561b2b43cda7c3fddda1389c8e193c4a938 Malicious Typosquatting packages campaign targeting developers, steals cloud service credentials Source: google-open-source-security...
Malicious code in enumerate-iam (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx bfefcae6c29da10e63d630fc7e012995d730cc5c0af3a8144dc517f26382a3bd Malicious Typosquatting packages campaign targeting developers, steals cloud service credentials Source: google-open-source-security...
Malicious code in alibabacloud-vpc20180317 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 0c24b33d1db8fffd5daaf1985d25add4bc66e7879e1a6efbc7ae706816931834 Malicious Typosquatting packages campaign targeting developers, steals cloud service credentials Source: google-open-source-security...
Malicious code in python-aliyun-sdk-rds (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 56906386c88b620607253fc1d00a6d5d205c6a535a2ba12fc63108f09761300b Malicious Typosquatting packages campaign targeting developers, steals cloud service credentials Source: google-open-source-security...
Malicious code in tencentcloud-python-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx c79d20c4af5b69c3506d69fb847d2f5306a83433cb56e391c8dbf828e9728319 Malicious Typosquatting packages campaign targeting developers, steals cloud service credentials Source: google-open-source-security...
Malicious code in aliyun-oss2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 8c33f6b28da216b43120a3b8a8537d0263dc1eb2b22979a4183b371ff57b9e0b Malicious Typosquatting packages campaign targeting developers, steals cloud service credentials Source: google-open-source-security...
Malicious code in python-aliyun-sdk-kms (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 53bdcdc5414f25435cd821a9217982c4b486c91100caa324a9c3613d4ccd8d42 Malicious Typosquatting packages campaign targeting developers, steals cloud service credentials Source: google-open-source-security...
Malicious code in python-cos-sdk-v5 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9d23946b30370561c42df798c468626c8ec508cdf6f0fc22cc34bb67f2fa187e Malicious Typosquatting packages campaign targeting developers, steals cloud service credentials Source: google-open-source-security...
Malicious code in python-aliyun-sdk-core (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 63f6387d6bfe7ae582be4478cf6a42a8104b44ea50b22489f5217ba2bfb3ce39 Malicious Typosquatting packages campaign targeting developers, steals cloud service credentials Source: google-open-source-security...
Malicious code in python-aliyun-sdk-ecs (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx fcb822b0528f2cbde54bd2197ed8c774dda8cafc7c3e9ae5aff56465e7c6c72c Malicious Typosquatting packages campaign targeting developers, steals cloud service credentials Source: google-open-source-security...
Orangescrum cross-site scripting vulnerability (CNVD-2026-02680)
Orangescrum is a project and task management software tool that also provides productivity tools for work organization and team collaboration. Orangescrum has a cross-site scripting vulnerability that stems from the application not properly validating the HTML content to be converted t...
Malicious code in arangodba (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 8a8f8299dc6c21b2441da8a56c195b046c05f65c0ab9b78f08aff27eb1611ac7 Malicious Typosquatting packages campaign targeting developers, steals cloud service credentials Source: google-open-source-security...
Dataprobe iBoot-PDU security vulnerability
The Dataprobe iBoot-PDU is a web-accessible managed PDU independently controlled outlet from Dataprobe USA. A security vulnerability exists in versions prior to Dataprobe iBoot-PDU FW 1.42.06162022, which stems from a cloud username and password being stored in...
PT-2023-23261 · Snap One · Ovrc Pro
Name of the Vulnerable Software and Affected Versions: Snap One OvrC Pro versions prior to 7.2. Description: The issue concerns a locally running web server in Snap One OvrC Pro that is accessible from both the local network and remotely. Additionally, there is a hidden superuser account in OvrC...
SUSE CVE-2021-25320
An Improper Access Control vulnerability in Rancher allows users in the cluster to make requests to cloud providers by creating requests with the cloud-credential ID. Rancher in this case would attach the requested credentials without further checks. This issue affects: Rancher versions prior to...
How Uber was hacked in 2022
What happened? The first information about the incident was issued yesterday, September 15th, 2022. We know that a hacker called “Tea Pot” successfully accessed Uber infrastructure and critical cloud services such as AWS, Slack, Google Workspace, and others. Most likely, Uber understood what had...
CVE-2022-22998
Implemented protections on AWS credentials that were not properly protected...
Rancher Labs Rancher security vulnerability
Rancher Labs Rancher is an open source enterprise container management platform from Rancher Labs, Inc. An access control error vulnerability exists in Rancher Labs Rancher, which stems from the product's lack of effective privilege management for creating cloud credential IDs, which could be...
PT-2021-16518
Name of the Vulnerable Software and Affected Versions: Rancher versions prior to 2.5.9; Rancher versions prior to 2.4.16. Description: An Improper Access Control issue in Rancher allows users in the cluster to make requests to cloud providers by creating requests with the cloud-credential ID, and...