362 matches found

Trend Micro Simply Security
added 2026/05/22 12:0 a.m., 3 views

Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware

Void Dokkaebi, a North Korea-aligned intrusion set, has updated its information-stealing malware, InvisibleFerret, shifting its delivery format to evade script-based detections...

5.8 AI score
Exploits: 0
RedHat Linux
added 2026/05/19 6:28 p.m., 5 views

cpython: CPython: Logging Bypass in Legacy .pyc File Handling

A flaw was found in CPython. This vulnerability allows a local user with low privileges to bypass security auditing mechanisms. The issue occurs because the SourcelessFileLoader component, responsible for handling older Python compiled files (.pyc), does not properly trigger system audit events. Th...

5.7 CVSS, 7.2 AI score, 0.00011 EPSS
Exploits: 0, References: 9
OSV
added 2026/05/06 8:28 p.m., 1 view

MAL-2026-3356 Malicious code in test-py-conn (PyPI)

Source: kam193 7e39e3b24f15db8e5eff412ba6cb217986b6f80b6923712abd1efee4cf79a7ed. The code automatically starts a worker designed to survive the exit of the main process. The worker loads code from a PYC file which then connects to pre-define...

6 AI score
Exploits: 0, References: 1
AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux - vulnerability in pcre2

An out-of-bounds read vulnerability was discovered in the PCRE2 library, specifically in the pcre2_jit_compile.c file’s compile_xclass_matchingpath function. This issue relates to a Unicode property matching problem in JIT-compiled regular expressions. The vulnerability arises because the character is...

9.1 CVSS, 6.8 AI score, 0.00584 EPSS
Exploits: 0, References: 2
RedHat Linux
added 2026/04/27 3:6 p.m., 5 views

cpython: CPython: Logging Bypass in Legacy .pyc File Handling

A flaw was found in CPython. This vulnerability allows a local user with low privileges to bypass security auditing mechanisms. The issue occurs because the SourcelessFileLoader component, responsible for handling older Python compiled files (.pyc), does not properly trigger system audit events. Th...

5.7 CVSS, 5.4 AI score, 0.00011 EPSS
Exploits: 0, References: 9
The Hacker News
added 2026/04/22 7:58 a.m., 5 views

Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles

Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that's distributed via a theme related to India's banking sector. "The backdoor communicates with a dynamic DNS-based command-and-control server over HTTPS and supports remote shell access, file operations...

6 AI score
Exploits: 0
EUVD
added 2026/04/09 8:23 p.m., 3 views

EUVD-2026-21025

Wasmtime has host panic when Winch compiler executes table.fill...

5.9 CVSS, 5.9 AI score, 0.00018 EPSS
Exploits: 0, References: 1
OSV
added 2026/03/06 8:50 a.m., 33 views

BIT-PYTHON-2026-2297 SourcelessFileLoader does not use io.open_code()

The import hook in CPython that handles legacy .pyc files (SourcelessFileLoader) is incorrectly handled in FileLoader (a base class) and so does not use io.open_code() to read the .pyc files. sys.audit handlers for this audit event therefore do not fire...

5.7 CVSS, 5.8 AI score, 0.00011 EPSS
Exploits: 0, References: 7
SUSE CVE
added 2026/03/05 1:58 p.m., 0 views

SUSE CVE-2026-2297

The import hook in CPython that handles legacy .pyc files (SourcelessFileLoader) is incorrectly handled in FileLoader (a base class) and so does not use io.open_code() to read the .pyc files. sys.audit handlers for this audit event therefore do not fire...

5.5 CVSS, 5.8 AI score, 0.00011 EPSS
Exploits: 0, References: 15
EUVD
added 2026/03/05 12:31 a.m., 3 views

EUVD-2026-9498

The import hook in CPython that handles legacy .pyc files (SourcelessFileLoader) is incorrectly handled in FileLoader (a base class) and so does not use io.open_code() to read the .pyc files. sys.audit handlers for this audit event therefore do not fire...

5.7 CVSS, 5.9 AI score, 0.00011 EPSS
Exploits: 0, References: 6
OSV
added 2026/03/04 11:16 p.m., 5 views

AZL-79413 CVE-2026-2297 affecting package python3 3.9.19-19

The import hook in CPython that handles legacy .pyc files (SourcelessFileLoader) is incorrectly handled in FileLoader (a base class) and so does not use io.open_code() to read the .pyc files. sys.audit handlers for this audit event therefore do not fire...

5.7 CVSS, 5.7 AI score, 0.00011 EPSS
Exploits: 0, References: 1
Snyk
added 2026/03/04 10:10 p.m., 2 views

Insufficient Logging

Overview: Affected versions of this package are vulnerable to Insufficient Logging in the FileLoader class that incorrectly handles legacy SourcelessFileLoader for .pyc files. An attacker can bypass logging mechanisms (sys.audit) by crafting or manipulating .pyc files to avoid detection or auditing...

5.7 CVSS, 5.8 AI score, 0.00011 EPSS
Exploits: 0, References: 2
CNNVD
added 2026/02/06 12:0 a.m., 3 views

Calibre path traversal vulnerability

Calibre is a free, open-source tool developed by Kovid Goyal, an individual developer in India. It serves as a comprehensive e-book reading management and format conversion tool. Prior to Calibre 9.2.0, there was a path traversal vulnerability. This vulnerability stemmed from the CHM reader’s...

8.6 CVSS, 6.3 AI score, 0.00137 EPSS
Exploits: 1, References: 3
Veracode
added 2026/01/28 8:6 a.m., 5 views

Arbitrary Command Injection

Elysia is vulnerable to Arbitrary Command Injection. The vulnerability is due to unsanitized injection of dynamic cookie configuration into compiled routes, which allows an attacker with write access to the cookie configuration to inject and execute arbitrary code...

8.8 CVSS, 6.1 AI score, 0.00085 EPSS
Exploits: 1, References: 4, Affected Software: 1
Fedora
added 2026/01/22 1:8 a.m., 3 views

[SECURITY] Fedora 43 Update: mingw-libtasn1-4.21.0-1.fc43

libtasn1 is the ASN.1 library used in GNUTLS. This package contains the MinGW Windows cross compiled libtasn1 library...

7.5 CVSS, 6 AI score, 0.0008 EPSS
Exploits: 0
Tenable Nessus
added 2026/01/05 12:0 a.m., 1 view

Linux Distros Unpatched Vulnerability : CVE-2022-50813

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drivers: mcb: fix resource leak in mcb_probe When probe hook function failed in mcb_probe, it doesn't put the device. Compiled test only. CVE-2022-50813 Note that...

6.1 AI score, 0.0004 EPSS
Exploits: 0, References: 2
SUSE CVE
added 2025/12/31 12:32 a.m., 4 views

SUSE CVE-2022-50813

In the Linux kernel, the following vulnerability has been resolved: drivers: mcb: fix resource leak in mcb_probe When probe hook function failed in mcb_probe, it doesn't put the device. Compiled test only...

6.5 AI score, 0.0004 EPSS
Exploits: 0, References: 3
UbuntuCve
added 2025/12/30 1:15 p.m., 1 view

CVE-2022-50813

In the Linux kernel, the following vulnerability has been resolved: drivers: mcb: fix resource leak in mcb_probe When probe hook function failed in mcb_probe, it doesn't put the device. Compiled test only...

5.9 AI score, 0.0004 EPSS
Exploits: 0, References: 11
Positive Technologies
added 2025/12/30 12:0 a.m., 1 view

PT-2025-53931

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A resource leak exists in the mcb probe function within the Linux kernel’s drivers. Specifically, if the probe hook function fails during the mcb probe process, the device is not release...

6.2 AI score, 0.0004 EPSS
Exploits: 0, References: 11
Github Security Blog
added 2025/12/11 10:49 p.m., 12 views

Next Server Actions Source Code Exposure

A vulnerability affects certain React packages for versions 19.0.0, 19.0.1, 19.1.0, 19.1.1, 19.1.2, 19.2.0, and 19.2.1 and frameworks that use the affected packages, including Next.js 15.x and 16.x using the App Router. The issue is tracked upstream as CVE-2025-55183. A malicious HTTP request can...

5.3 CVSS, 7.1 AI score, 0.26306 EPSS
Exploits: 7, References: 4, Affected Software: 1