388 matches found
Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites
Dutch law enforcement authorities, along with counterparts from Canada , Germany, and the U.S., have disrupted malicious infrastructure associated with SocGholish and cleaned up nearly 15,000 infected WordPress websites. "With these actions we deprive cybercriminals of access to infected computer...
CVE-2026-11849
The CVE-2026-11849 entry concerns IEI Integration Corp’s iRM-IEI Remote Management with a hardcoded credentials flaw. Affected component: the iRM-IEI Remote Management database (product/vendor specified). Root cause: hardcoded credentials allowing unauthenticated remote access. Impact: attacker c...
CVE-2026-11848 IEI Integration Corp| iRM-IEI Remote Management - Missing Authentication
The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information...
CVE-2026-11846 IEI Integration Corp|iVEC-IEI Virtualization Edge Computer - Arbitrary File Deletion
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has an Arbitrary File Deletion vulnerability, allowing authenticated remote attackers to exploit this vulnerability to delete arbitrary system files or directories, resulting in data destruction or service disruption...
CVE-2026-11845 IEI Integration Corp|iVEC-IEI Virtualization Edge Computer - OS Command Injection
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a OS Command Injection vulnerability, allowing privileged remote attackers to inject arbitrary OS commands and execute them on the device...
CVE-2026-11844 IEI Integration Corp|iVEC-IEI Virtualization Edge Computer - Arbitrary File Read
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a Arbitrary File Read vulnerability, allowing privileged remote attackers to access files outside the intended directory scope...
CVE-2026-11844 IEI Integration Corp|iVEC-IEI Virtualization Edge Computer - Arbitrary File Read
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a Arbitrary File Read vulnerability, allowing privileged remote attackers to access files outside the intended directory scope...
PT-2026-48855
The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information...
PT-2026-48840
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a OS Command Injection vulnerability, allowing privileged remote attackers to inject arbitrary OS commands and execute them on the device...
Malicious Package
Overview github.com/BufferZoneCorp/net-helper is a malicious package. This package contains malicious code designed to compromise developer systems and CI environments, specifically targeting GitHub Actions. The threat actor, operating under the GitHub account BufferZoneCorp, published a cluster ...
Malicious Package
Overview github.com/BufferZoneCorp/go-stdlog is a malicious package. This package contains malicious code designed to compromise developer systems and CI environments, specifically targeting GitHub Actions. The threat actor, operating under the GitHub account BufferZoneCorp, published a cluster o...
Malicious Package
Overview github.com/BufferZoneCorp/grpc-client is a malicious package. This package contains malicious code designed to compromise developer systems and CI environments, specifically targeting GitHub Actions. The threat actor, operating under the GitHub account BufferZoneCorp, published a cluster...
Malicious Package
Overview github.com/BufferZoneCorp/go-weather-sdk is a malicious package. This package contains malicious code designed to compromise developer systems and CI environments, specifically targeting GitHub Actions. The threat actor, operating under the GitHub account BufferZoneCorp, published a...
Malicious code in github.com/BufferZoneCorp/go-envconfig (Go)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a4e4f74e90479d472a307d311d48214827e21cf93ecf9b0b62ff2cb72adb2c9e This package is a malicious packages part of the Go BufferZoneCorp and RubyGems knot-theory clusters. The packages in this cluster steal...
MAL-2026-3633 Malicious code in knot-rack-session-store (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a4e4f74e90479d472a307d311d48214827e21cf93ecf9b0b62ff2cb72adb2c9e This package is a malicious packages part of the Go BufferZoneCorp and RubyGems knot-theory clusters. The packages in this cluster steal...
MAL-2026-3625 Malicious code in github.com/BufferZoneCorp/go-stdlog (Go)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a4e4f74e90479d472a307d311d48214827e21cf93ecf9b0b62ff2cb72adb2c9e This package is a malicious packages part of the Go BufferZoneCorp and RubyGems knot-theory clusters. The packages in this cluster steal...
Malicious code in @omni-corp-infra/sso-bridge-core (npm)
Dependency confusion and typosquatting campaign by threat actor "saif777". Packages use inflated version numbers 9999.9999.9999, 9999.9999.10000, 50.50.50, 7.66.5 to win version resolution in environments with private registries. All active packages execute a postinstall hook "node index.js" that...
Malicious code in @girirajravichandran/corp-build-utils-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82e79f342b1cd33520c8987b0307cb211e4b04694caef9c967725778e1802e94 The package @girirajravichandran/corp-build-utils-poc was found to contain malicious code...
MAL-2026-2331 Malicious code in @girirajravichandran/corp-build-utils-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82e79f342b1cd33520c8987b0307cb211e4b04694caef9c967725778e1802e94 The package @girirajravichandran/corp-build-utils-poc was found to contain malicious code...
Malicious code in corp-sign-core-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f94c959e18ab1995ded47f657c3ab5e5b8924c279ab0dc9e95f42ca2dc36027 The package corp-sign-core-js was found to contain malicious code...