MAL-2026-4872 Malicious code in @car-loans/gus (npm)

Part of a dependency confusion attack campaign targeting the @car-loans, @fb-deposit, and @debit-ib npm scopes. The attacker npm user pik-libs published 25 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version resolution,...

Malicious code in pynosist (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ef7a4db1443361fe93b268c7ad8f38c5c290d5334162b57c2b534c97acbc2b5d The campaign is built from a benign-like package e.g. genosys and the malicious dependency e.g. pynosist. The dependency uses a PTH file to trigger malicious...

Nhost 安全漏洞

Nhost is an open-source backend service platform developed by Nhost. Versions of Nhost prior to 1.41.0 contained security vulnerabilities. These vulnerabilities stemmed from the Nhost CLI MCP server, which, when explicitly configured to listen on network ports, did not apply inbound authenticatio...

Windows CLI MCP Server 操作系统命令注入漏洞

Windows CLI MCP Server is a context protocol server for Simon Benedict Individual Developer. An operating system command injection vulnerability exists in Windows CLI MCP Server that stems from the resolveCommandPath method not properly validating a user input string, which could lead to remote...

EUVD-2025-35650

Client-Side Enforcement of Server-Side Security CWE-602 in the Command Centre Server allows a privileged operator to enter invalid competency data, bypassing expiry checks. This issue affects Command Centre Server: 9.30 prior to vEL9.30.2482 MR2, 9.20 prior to vEL9.20.2819 MR4, 9.10 prior to...

New Rust-Based Malware "ChaosBot" Uses Discord Channels to Control Victims' PCs

Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that can allow operators to conduct reconnaissance and execute arbitrary commands on compromised hosts. "Threat actors leveraged compromised credentials that mapped to both Cisco VPN and an over-privileg...

EUVD-2012-5267

Malware in sbrugna...

Malicious Package

Overview github.com/briefinitia/gouid is a malicious package. This package contains malicious code designed to provide attackers with on-demand remote access to a developer's system or CI/CD environment. The package and some other variants use typosquatting to imitate legitimate packages. Upon...

New Malware Spotted Corrupts Its Own Headers to Block Analysis

Fortinet spots new malware that corrupts its own headers to block forensic analysis, hide behavior, and communicate with its C2 server...

CVE-2012-5345

Buffer overflow in the Remote command server Rcmd.bat in IpTools aka Tiny TCP/IP server 0.1.4 allows remote attackers to cause a denial of service crash via a long string to TCP port 23...

MAL-2025-3660 Malicious code in pie-docs (npm)

This package steals IP address and sent it to C&C server in preinstall hook...

IBM DB2 Db2rcmd.exe Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM DB2 db2rcmd.exe Command Execution Vulnerability', 'Description' = %q This module exploits a vulnerability in the Remote Command Server...

CVE-2023-28425 Specially crafted MSETNX command can lead to denial-of-service

Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10...

CVE-2021-23193

Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre Server. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 MR3 ; 8.40...

Researchers uncover a new Iranian malware used in recent cyberattacks

An Iranian threat actor has unleashed a new cyberespionage campaign against a possible Lebanese target with a backdoor capable of exfiltrating sensitive information from compromised systems. Cybersecurity firm Check Point attributed the operation to APT34, citing similarities with previous...

42 Adware Apps with 8 Million Downloads Traced Back to Vietnamese Student

First of all, if you have any of the below-listed apps installed on your Android device, you are advised to uninstall it immediately. Cybersecurity researchers have identified 42 apps on the Google Play Store with a total of more than 8 million downloads, which were initially distributed as...

CVE-2019-4378

IBM MQ 7.5.0.0 - 7.5.0.9, 7.1.0.0 - 7.1.0.9, 8.0.0.0 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 command server is vulnerable to a denial of service attack caused by an authenticated and authorized user using specially crafted PCF messages. IBM X-Force ID: 162084...

CVE-2019-4378

IBM MQ 7.5.0.0 - 7.5.0.9, 7.1.0.0 - 7.1.0.9, 8.0.0.0 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 command server is vulnerable to a denial of service attack caused by an authenticated and authorized user using specially crafted PCF messages. IBM X-Force ID: 162084...

Design/Logic Flaw

IBM MQ 7.5.0.0 - 7.5.0.9, 7.1.0.0 - 7.1.0.9, 8.0.0.0 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 command server is vulnerable to a denial of service attack caused by an authenticated and authorized user using specially crafted PCF messages. IBM X-Force ID: 162084...

CVE-2019-4378

IBM MQ 7.5.0.0 - 7.5.0.9, 7.1.0.0 - 7.1.0.9, 8.0.0.0 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 command server is vulnerable to a denial of service attack caused by an authenticated and authorized user using specially crafted PCF messages. IBM X-Force ID: 162084...