20 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
Tenable Security Center
This module collects credentials and setup information from Tenable Security Center. root or TNS user permissions are required. We don't utilize SC's builtin backup functionality as that requires SC to be shut down. The module works in 2 phases: Phase 1: gather all passwords which can be decrypte...
PyTorch Lightning 安全漏洞
PyTorch Lightning is an open-source deep learning model pre-training and fine-tuning framework developed by Lightning AI. Version 2.6.2 and 2.6.2 of PyTorch Lightning contain security vulnerabilities, which stem from the introduction of features similar to those used in credential collection...
MAL-2026-1090 Malicious code in isb (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 93750cbddba7897fde1d31836971e11082ad2076012c7caf708980de45827840 Starting the module initiates an infostealer with a Telegram bot and RAT-like functionality and hardcoded credentials. The code automatically adds itself to...
EUVD-2025-31073
Malicious code in bioql PyPI...
Malicious Nx Packages in 's1ngularity' Attack Leaked 2,349 GitHub, Cloud, and AI Credentials
The maintainers of the nx build system have alerted users to a supply chain attack that allowed attackers to publish malicious versions of the popular npm package and other auxiliary plugins with data-gathering capabilities. "Malicious versions of the nx package, as well as some supporting plugin...
Malicious Package
Overview tgsendduo is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package appears to be part of a larger campaign targeting user credentials. It, and several other variations, masquerade as automation tools for soci...
Malicious Package
Overview podu33332ss is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package appears to be part of a larger campaign targeting user credentials. It, and several other variations, masquerade as automation tools for...
Tenda RX2 Pro Information Disclosure Vulnerability
Tenda RX2 Pro is a high performance WiFi 6 signal amplifier from Tenda China. The Tenda RX2 Pro suffers from an information disclosure vulnerability that can be exploited by an attacker to collect credentials for authentication...
SonicWall HTTP Login Scanner
This module adds HTTP Login scanning for SonicWall NSv. It allows scanning both admin and user accounts. Module Options msf use auxiliary/scanner/sonicwall/sonicwalllogin msf auxiliarysonicwalllogin show actions ...actions... msf auxiliarysonicwalllogin set ACTION msf auxiliarysonicwalllogin show...
SonicWall HTTP Login Scanner
This module adds HTTP Login scanning for SonicWall NSv. It allows scanning both admin and user accounts. Module Options msf use auxiliary/scanner/sonicwall/loginscanner msf auxiliaryloginscanner show actions ...actions... msf auxiliaryloginscanner set ACTION msf auxiliaryloginscanner show options...
Ivanti Connect Secure HTTP Scanner
This module will perform authentication scanning against Ivanti Connect Secure Module Options msf use auxiliary/scanner/ivanti/loginscanner msf auxiliaryloginscanner show actions ...actions... msf auxiliaryloginscanner set ACTION msf auxiliaryloginscanner show options ...show and set options... m...
Avira Operations Antivirus Information Disclosure Vulnerability
Avira Operations Antivirus is a suite of antivirus software from Avira Operations. A security vulnerability exists in Avira Operations Antivirus 15.0.2005.1866 and earlier versions, which originates from a failure to validate the calling program of the Avira.PWM.NativeMessaging.exe executable use...
Taxpayers Targeted With Improved NetWire RAT Variant
A new variant of the the NetWire remote access trojan RAT is hitching a ride on IRS-themed phishing ploys targeting taxpayers in hopes of snatching victims’ credentials and tax information. The recently uncovered campaign reveals the RAT’s operators swapping up infection tactics to use a legacy...
Chef Web UI Brute Force Utility
This module attempts to login to Chef Web UI server instance using username and password combinations indicated by the USERFILE, PASSFILE, and USERPASSFILE options. It will also test for the default login admin:p@ssw0rd1. This module requires Metasploit: https://metasploit.com/download Current...
Tomcat Application Manager Login Utility
This module simply attempts to login to a Tomcat Application Manager instance using a specific user/pass. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require...
Multi Gather Firefox Signon Credential Collection
This module will collect credentials from the Firefox web browser if it is installed on the targeted machine. Additionally, cookies are downloaded. Which could potentially yield valid web sessions. Firefox stores passwords within the signons.sqlite database file. There is also a keys3.db file whi...
Multi Gather Mozilla Thunderbird Signon Credential Collection
This module will collect credentials from Mozilla Thunderbird by downloading the necessary files such as 'signons.sqlite', 'key3.db', and 'cert8.db' for offline decryption with third party tools. If necessary, you may also set the PARSE option to true to parse the sqlite file, which contains...
Multi Gather FileZilla FTP Client Credential Collection
This module will collect credentials from the FileZilla FTP client if it is installed. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rexml/document' class MetasploitModule 'Multi Gather FileZilla FTP Client...
Multi Gather Pidgin Instant Messenger Credential Collection
This module will collect credentials from the Pidgin IM client if it is installed. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rexml/document' class MetasploitModule 'Multi Gather Pidgin Instant Messenger...