Lucene search
K

388 matches found

The Hacker News
The Hacker News
added 2026/06/19 3:7 p.m.18 views

Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites

Dutch law enforcement authorities, along with counterparts from Canada , Germany, and the U.S., have disrupted malicious infrastructure associated with SocGholish and cleaned up nearly 15,000 infected WordPress websites. "With these actions we deprive cybercriminals of access to infected computer...

5.9AI score
Exploits0
CVE
CVE
added 2026/06/12 9:47 a.m.20 views

CVE-2026-11849

The CVE-2026-11849 entry concerns IEI Integration Corp’s iRM-IEI Remote Management with a hardcoded credentials flaw. Affected component: the iRM-IEI Remote Management database (product/vendor specified). Root cause: hardcoded credentials allowing unauthenticated remote access. Impact: attacker c...

9.8CVSS5.5AI score0.0035EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/12 9:44 a.m.8 views

CVE-2026-11848 IEI Integration Corp| iRM-IEI Remote Management - Missing Authentication

The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information...

7.9CVSS5.3AI score0.00297EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/12 9:31 a.m.7 views

CVE-2026-11846 IEI Integration Corp|iVEC-IEI Virtualization Edge Computer - Arbitrary File Deletion

The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has an Arbitrary File Deletion vulnerability, allowing authenticated remote attackers to exploit this vulnerability to delete arbitrary system files or directories, resulting in data destruction or service disruption...

8.1CVSS5.6AI score0.00401EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/12 9:27 a.m.7 views

CVE-2026-11845 IEI Integration Corp|iVEC-IEI Virtualization Edge Computer - OS Command Injection

The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a OS Command Injection vulnerability, allowing privileged remote attackers to inject arbitrary OS commands and execute them on the device...

8.6CVSS5.8AI score0.00951EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/12 9:12 a.m.9 views

CVE-2026-11844 IEI Integration Corp|iVEC-IEI Virtualization Edge Computer - Arbitrary File Read

The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a Arbitrary File Read vulnerability, allowing privileged remote attackers to access files outside the intended directory scope...

6.9CVSS5.3AI score0.00407EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/12 9:12 a.m.37 views

CVE-2026-11844 IEI Integration Corp|iVEC-IEI Virtualization Edge Computer - Arbitrary File Read

The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a Arbitrary File Read vulnerability, allowing privileged remote attackers to access files outside the intended directory scope...

6.9CVSS0.00407EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.14 views

PT-2026-48855

The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information...

7.9CVSS5.3AI score0.00297EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.19 views

PT-2026-48840

The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a OS Command Injection vulnerability, allowing privileged remote attackers to inject arbitrary OS commands and execute them on the device...

8.6CVSS5.8AI score0.00951EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/13 3:57 p.m.9 views

Malicious Package

Overview github.com/BufferZoneCorp/net-helper is a malicious package. This package contains malicious code designed to compromise developer systems and CI environments, specifically targeting GitHub Actions. The threat actor, operating under the GitHub account BufferZoneCorp, published a cluster ...

9.8CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/05/13 3:57 p.m.12 views

Malicious Package

Overview github.com/BufferZoneCorp/go-stdlog is a malicious package. This package contains malicious code designed to compromise developer systems and CI environments, specifically targeting GitHub Actions. The threat actor, operating under the GitHub account BufferZoneCorp, published a cluster o...

9.8CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/05/13 3:57 p.m.10 views

Malicious Package

Overview github.com/BufferZoneCorp/grpc-client is a malicious package. This package contains malicious code designed to compromise developer systems and CI environments, specifically targeting GitHub Actions. The threat actor, operating under the GitHub account BufferZoneCorp, published a cluster...

9.8CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/05/13 3:57 p.m.10 views

Malicious Package

Overview github.com/BufferZoneCorp/go-weather-sdk is a malicious package. This package contains malicious code designed to compromise developer systems and CI environments, specifically targeting GitHub Actions. The threat actor, operating under the GitHub account BufferZoneCorp, published a...

9.8CVSS6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/13 3:9 a.m.13 views

Malicious code in github.com/BufferZoneCorp/go-envconfig (Go)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a4e4f74e90479d472a307d311d48214827e21cf93ecf9b0b62ff2cb72adb2c9e This package is a malicious packages part of the Go BufferZoneCorp and RubyGems knot-theory clusters. The packages in this cluster steal...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/13 3:9 a.m.7 views

MAL-2026-3633 Malicious code in knot-rack-session-store (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a4e4f74e90479d472a307d311d48214827e21cf93ecf9b0b62ff2cb72adb2c9e This package is a malicious packages part of the Go BufferZoneCorp and RubyGems knot-theory clusters. The packages in this cluster steal...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/13 3:9 a.m.11 views

MAL-2026-3625 Malicious code in github.com/BufferZoneCorp/go-stdlog (Go)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a4e4f74e90479d472a307d311d48214827e21cf93ecf9b0b62ff2cb72adb2c9e This package is a malicious packages part of the Go BufferZoneCorp and RubyGems knot-theory clusters. The packages in this cluster steal...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/29 2:0 p.m.7 views

Malicious code in @omni-corp-infra/sso-bridge-core (npm)

Dependency confusion and typosquatting campaign by threat actor "saif777". Packages use inflated version numbers 9999.9999.9999, 9999.9999.10000, 50.50.50, 7.66.5 to win version resolution in environments with private registries. All active packages execute a postinstall hook "node index.js" that...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/24 3:28 p.m.13 views

Malicious code in @girirajravichandran/corp-build-utils-poc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82e79f342b1cd33520c8987b0307cb211e4b04694caef9c967725778e1802e94 The package @girirajravichandran/corp-build-utils-poc was found to contain malicious code...

5.9AI score
Exploits0
OSV
OSV
added 2026/03/24 3:28 p.m.6 views

MAL-2026-2331 Malicious code in @girirajravichandran/corp-build-utils-poc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82e79f342b1cd33520c8987b0307cb211e4b04694caef9c967725778e1802e94 The package @girirajravichandran/corp-build-utils-poc was found to contain malicious code...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/18 12:45 p.m.7 views

Malicious code in corp-sign-core-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f94c959e18ab1995ded47f657c3ab5e5b8924c279ab0dc9e95f42ca2dc36027 The package corp-sign-core-js was found to contain malicious code...

5.8AI score
Exploits0
Rows per page
Query Builder