Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Malwarebytes
Malwarebytesadded 2026/04/17 7:40 a.m.4 views

“Your shipment has arrived” email hides remote access software

An attachment in an email impersonating DHL about a shipment contains a link to a preconfigured SimpleHelp remote access tool—an ideal starting point for attackers to explore a network, steal data, and drop additional malware. A German industrial spare parts and equipment supplier received an ema...

6AI score
Exploits0
Malwarebytes
Malwarebytesadded 2025/10/22 12:2 p.m.4 views

Home Depot Halloween phish gives users a fright, not a freebie

We received a timely phishing email pretending to come from Home Depot. It claimed we’d won a Gorilla Carts dump cart that’s a sort of four-wheeled wheelbarrow for anyone unfamiliar—and said it was just one click away. It wasn’t. The whole image in the email was clickable, and it hid plenty of...

6.6AI score
Exploits0
OSV
OSVadded 2025/09/01 8:43 p.m.1 views

MAL-2025-45604 Malicious code in promise-with-resolvers-polyfil (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware aaa40ddd391e49632fb8ff493e7aab475c4004635e41533ea6b7223e96b29f5b Any computer that has this package installed or running should be considered...

6.8AI score
Exploits0References1
OSV
OSVadded 2025/06/05 5:59 p.m.1 views

MAL-2025-4697 Malicious code in dc-spectrum-v3-core (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8f90b2269a7759d64a1656b51e7f35e99c4005a61cd9012d931d6965bd544aa1 Any computer that has this package installed or running should be considered...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/01/30 4:55 p.m.2 views

Malicious code in auth0-langchain-rag-js (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 45456ae9e475bcf705080fa16f34aebd7095a7aae6490e2b0a570ecb0b36e27c Any computer that has this package installed or running should be considered...

6.8AI score
Exploits0References3
Veracode
Veracodeadded 2024/07/03 3:45 p.m.18 views

Supply Chain Attack

Fides is vulnerable to Supply Chain Attack. The vulnerability is due to mishandling of client-side script dependencies and the use of a compromised third-party domain like polyfill.io. The vulnerability allows an attacker to serve malicious scripts to users of legacy browsers when they load...

6.5AI score0.22233EPSS
Exploits0References8Affected Software1
OSV
OSVadded 2018/06/26 4:29 p.m.30 views

CVE-2018-1000500

Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using "busybox wget https://compromised-domain.com/important-file"...

8.1CVSS8.4AI score
Exploits0References3
Rows per page
Query Builder