
1667 matches found

Gitee
added 2025/07/27 3:39 a.m., 113 views

Exploit for Incorrect Default Permissions in Microsoft

This List is no longer updated. Awesome Red Teaming List of Awesome Red Team / Red Teaming Resources This list is for anyone wishing to learn about Red Teaming but do not have a starting point. Anyway, this is a living resources and will update regularly with latest Adversarial Tactics and...

8.8 CVSS, 9.9 AI score, 0.15257 EPSS
Exploits: 4
The Hacker News
added 2025/07/24 3:13 p.m., 15 views

CastleLoader Malware Infects 469 Devices Using Fake GitHub Repos and ClickFix Phishing

Cybersecurity researchers have shed light on a new versatile malware loader called CastleLoader that has been put to use in campaigns distributing various information stealers and remote access trojans (RATs). The activity employs Cloudflare-themed ClickFix phishing attacks and fake GitHub...

7.4 AI score
Exploits: 0
Rapid7 Blog
added 2025/07/14 2:7 p.m., 6 views

From .pth to p0wned: Abuse of Pickle Files in AI Model Supply Chains

Executive summary: Recent threat research highlights a growing risk in the Python and machine learning (ML) ecosystem: the exploitation of serialized model files, specifically those using Python’s pickle module. While commonly used for saving and loading ML models, pickle files can execute arbitrary...

8 AI score
Exploits: 0
Gitee
added 2025/07/08 2:11 p.m., 65 views

YushuTechUnitreeGo1

Based on the provided code, it appears to be a Windows executable file PE file that has been modified to contain a malicious payload. The file is likely a malware dropper or a backdoor that allows remote access to the compromised system. The code is written in C and uses various techniques to eva...

7.3 AI score
Exploits: 0
GithubExploit
added 2025/07/03 10:56 a.m., 188 views

Exploit for Incorrect Default Permissions in Forescout Secureconnector

Description A PoC for CVE-2025-4660, Forescout SecureConne...

9.8 CVSS, 6.5 AI score, 0.00957 EPSS
Exploits: 1
Packet Storm News
added 2025/06/27 12:0 a.m., 5 views

Under the Hood of BlotchyQuasar: DLL-Based RAT Campaigns against Latin America

A sophisticated malspam campaign was recently uncovered targeting Latin American countries, with a particular focus on Brazil. This operation utilizes a highly deceptive phishing email to trick users into executing a malicious MSI file, initiating a multi-stage infection. The core of the attack...

7 AI score
Exploits: 0
The Hacker News
added 2025/06/26 7:19 a.m., 11 views

Cyber Criminals Exploit Open-Source Tools to Compromise Financial Institutions Across Africa

Cybersecurity researchers are calling attention to a series of cyber attacks targeting financial organizations across Africa since at least July 2023 using a mix of open-source and publicly available tools to maintain access. Palo Alto Networks Unit 42 is tracking the activity under the moniker...

7.2 AI score
Exploits: 0
The Hacker News
added 2025/06/19 5:23 p.m., 13 views

New Android Malware Surge Hits Devices via Overlays, Virtualization Fraud, and NFC Theft

Cybersecurity researchers have exposed the inner workings of an Android malware called AntiDot that has compromised over 3,775 devices as part of 273 unique campaigns. "Operated by the financially motivated threat actor LARVA-398, AntiDot is actively sold as a Malware-as-a-Service (MaaS) on...

7.7 AI score
Exploits: 0
OSV
added 2025/06/10 6:36 a.m., 4 views

MAL-2025-4776 Malicious code in @gluestack-ui/utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 17982e09dcf1a69caf714afad49b310371d80fe7260bf21fcad08da2a07df00c React Native ARIA and @gluestack-ui/utils had unauthorized new versions published that contained malicious code via a public access token...

7.5 AI score
Exploits: 0, References: 2
OSV
added 2025/06/10 6:36 a.m., 3 views

MAL-2025-4782 Malicious code in @react-native-aria/interactions (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 0ebff3f8886f25a3adc58387ba0a97c3768c3c88e8f4c09d8562b92b0fdbbd7f React Native ARIA and @gluestack-ui/utils had unauthorized new versions published that contained malicious code via a public access token...

7.5 AI score
Exploits: 0, References: 2
Packet Storm News
added 2025/06/10 12:0 a.m., 3 views

Striking Back at Cobalt: Using Network Traffic Metadata to Detect Cobalt Strike Masquerading Command and Control Channels

Off-the-shelf software for Command and Control is often used by attackers and legitimate pentesters looking for discretion. Among other functionalities, these tools facilitate the customization of their network traffic so it can mimic popular websites, thereby increasing their secrecy. Cobalt...

7 AI score
Exploits: 0
Snyk
added 2025/06/04 9:0 p.m., 4 views

Malicious Package

Overview: readmecolorama is a malicious package. This package contains payloads with Windows and Linux variants that access and exfiltrate sensitive configuration information, establish remote control / remote access for the attacker, establish persistence and “command and control” (C2) mechanisms...

9.8 CVSS, 6.9 AI score
Exploits: 0, References: 2
Snyk
added 2025/06/04 9:0 p.m., 2 views

Malicious Package

Overview: coloraiz is a malicious package. This package contains payloads with Windows and Linux variants that access and exfiltrate sensitive configuration information, establish remote control / remote access for the attacker, establish persistence and “command and control” (C2) mechanisms...

9.8 CVSS, 6.9 AI score
Exploits: 0, References: 2
Snyk
added 2025/06/04 9:0 p.m., 2 views

Malicious Package

Overview: coloramapkgs is a malicious package. This package contains payloads with Windows and Linux variants that access and exfiltrate sensitive configuration information, establish remote control / remote access for the attacker, establish persistence and “command and control” (C2) mechanisms...

9.8 CVSS, 6.9 AI score
Exploits: 0, References: 2
Snyk
added 2025/06/04 9:0 p.m., 3 views

Malicious Package

Overview: coloramapkgsw is a malicious package. This package contains payloads with Windows and Linux variants that access and exfiltrate sensitive configuration information, establish remote control / remote access for the attacker, establish persistence and “command and control” (C2) mechanisms...

9.8 CVSS, 6.9 AI score
Exploits: 0, References: 2
Snyk
added 2025/06/04 9:0 p.m., 3 views

Malicious Package

Overview: coloramashowtemp is a malicious package. This package contains payloads with Windows and Linux variants that access and exfiltrate sensitive configuration information, establish remote control / remote access for the attacker, establish persistence and “command and control” (C2) mechanisms...

9.8 CVSS, 6.9 AI score
Exploits: 0, References: 2
Snyk
added 2025/06/04 9:0 p.m., 6 views

Malicious Package

Overview: coloramapkgsdow is a malicious package. This package contains payloads with Windows and Linux variants that access and exfiltrate sensitive configuration information, establish remote control / remote access for the attacker, establish persistence and “command and control” (C2) mechanisms...

9.8 CVSS, 6.9 AI score
Exploits: 0, References: 2
The Hacker News
added 2025/05/29 5:59 a.m., 7 views

Chinese APT41 Exploits Google Calendar for Malware Command-and-Control Operations

Google on Wednesday disclosed that the Chinese state-sponsored threat actor known as APT41 leveraged a malware called TOUGHPROGRESS that uses Google Calendar for command-and-control (C2). The tech giant, which discovered the activity in late October 2024, said the malware was hosted on a compromise...

7.5 AI score
Exploits: 0
The Hacker News
added 2025/05/28 12:30 p.m., 38 views

New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto

Embedded Linux-based Internet of Things (IoT) devices have become the target of a new botnet dubbed PumaBot. Written in Go, the botnet is designed to conduct brute-force attacks against SSH instances to expand in size and scale and deliver additional malware to the infected hosts. "Rather than...

7.8 AI score
Exploits: 0
Packet Storm News
added 2025/05/27 12:0 a.m., 3 views

Lazarus Group Targets Crypto-Wallets and Financial Data While Employing New Tradecrafts

This report presents a comprehensive analysis of a malicious software sample, detailing its architecture, behavioral characteristics, and underlying intent. Through static and dynamic examination, the malware core functionalities, including persistence mechanisms, command-and-control communicatio...

6.9 AI score
Exploits: 0