Lucene search
K

368 matches found

Nuclei
Nuclei
added 18 hours ago112 views

Cobbler - Authentication Bypass

Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ and possibly even older versions, may be vulnerable to an authentication bypass vulnerability in XMLRPC API /cobblerapi that can result in privilege escalation, data manipulation or exfiltration, and LDAP credential harvesting...

9.8CVSS7.1AI score0.12484EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday3 views

Malicious code in ts-eslint-jest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e1ffed26d2d64bf9076210504de22b87e27a065821dedbc708fb05f7c47db74 The package [email protected] presents as a TypeScript/ESLint/Jest helper but ships lib/collect.js, which imports childprocess and invokes...

6.1AI score
Exploits0References2
The Hacker News
The Hacker News
added yesterday15 views

GodDamn Ransomware Uses PoisonX Driver to Disable Endpoint Defenses

Cybersecurity researchers have flagged a new ransomware family called GodDamn that employs the PoisonX kernel driver to neutralize security software as part of its defense evasion strategy. According to a new report published by the Threat Hunter Team from Symantec, the ransomware was first...

6AI score
Exploits0
OSV
OSV
added 2026/07/02 12:0 a.m.3 views

MAL-2026-6775 Malicious code in @marketfront/digitalherobannercarousel (npm)

The @marketfront/digitalherobannercarousel package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/02 12:0 a.m.5 views

Malicious code in @marketfront/mychatspreloader (npm)

The @marketfront/mychatspreloader package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and us...

6.2AI score
Exploits0References2
OSV
OSV
added 2026/07/02 12:0 a.m.3 views

MAL-2026-6777 Malicious code in @marketfront/errorcounter (npm)

The @marketfront/errorcounter package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-508 Compromise of PyTorch Lightning PyPi Package Versions

Security Advisory: Compromise of PyTorch Lightning PyPI Package Versions Published: 2026-04-30 Last Updated: 2026-05-12 Github Advisory: CVE-2026-44484 We have identified a security incident affecting certain versions of one of our PyPI packages. What happened We have determined that one or more...

9.8CVSS5.9AI score0.00392EPSS
Exploits0References5
OSV
OSV
added 2026/06/27 7:12 p.m.13 views

MAL-2026-6548 Malicious code in ts-ankle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1695e2ffa9252abe1053fc13895a071bd87cb27eb009eeb2262aae1a27da4ea5 On npm install, [email protected] runs a postinstall hook node test.js that executes two hostile flows against the installer's machine without user...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/06/26 4:48 p.m.5 views

PYSEC-2026-236 Malicious code in pyphetools (PyPI)

Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08, malicious phantom releases of pyphetools were published to PyPI using stolen credentials. The package executes a bundled JavaScript payload via the Bun runtime on import that harvests and exfiltrates credentials and...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/26 2:23 p.m.3 views

PYSEC-2026-235 Malicious code in ppkt2synergy (PyPI)

Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08, malicious phantom releases of ppkt2synergy were published to PyPI using stolen credentials. The package executes a bundled JavaScript payload via the Bun runtime on import that harvests and exfiltrates credentials an...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/26 2:17 p.m.4 views

PYSEC-2026-234 Malicious code in phenopacket-store-toolkit (PyPI)

Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08, malicious phantom releases of phenopacket-store-toolkit were published to PyPI using stolen credentials. The package executes a bundled JavaScript payload via the Bun runtime on import that harvests and exfiltrates...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/25 2:59 p.m.3 views

PYSEC-2026-233 Malicious code in gpsea (PyPI)

Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08, malicious phantom releases of gpsea were published to PyPI using stolen credentials. The package executes a bundled JavaScript payload via the Bun runtime on import that harvests and exfiltrates credentials and...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/25 2:36 p.m.6 views

PYSEC-2026-231 Malicious code in embiggen (PyPI)

Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08, malicious phantom releases of embiggen were published to PyPI using stolen credentials. The package executes a bundled JavaScript payload via the Bun runtime on import that harvests and exfiltrates credentials and...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/24 2:1 p.m.4 views

PYSEC-2026-232 Malicious code in ensmallen (PyPI)

Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08, malicious phantom releases of ensmallen were published to PyPI using stolen credentials. The package executes a bundled JavaScript payload via the Bun runtime on import that harvests and exfiltrates credentials and...

5.8AI score
Exploits0References3
The Hacker News
The Hacker News
added 2026/06/23 6:20 p.m.53 views

FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation

A Russian-speaking initial access broker IAB driven by financial gain is assessed to be behind a large-scale credential-harvesting operation known as FortiBleed that has targeted over 430,000 FortiGate firewalls globally. The campaign, active since February 2026, involves collecting credential...

6AI score
Exploits0
OSV
OSV
added 2026/06/23 4:11 p.m.7 views

MAL-2026-6317 Malicious code in ts-bn-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e591f0b407bc22e3abe20da9207df2d2922f75d98ab97aaa62557ca88b8fc349 [email protected] is a credential harvester disguised as a TypeScript/lint utility. index.js defines decodeStr which base64-decodes all operationally...

5.9AI score
Exploits0References2
OSV
OSV
added 2026/06/23 3:50 p.m.16 views

MAL-2026-6327 Malicious code in security-alerts-sdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f881805b709189d00bc52dc57c407bfecdae44fb343f92634a301c31525f6b0 Despite advertising itself as a breach-monitoring SDK, this package executes a remote-access trojan and credential harvester against any installer th...

6AI score
Exploits0References2
OSV
OSV
added 2026/06/23 3:21 p.m.7 views

MAL-2026-6301 Malicious code in date-format-helper2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66c1775ce65ad47476ee1a0f1c7c5373e61466ec3eb4543cc658e67d2de22960 Package is advertised as a React date-formatting utility, but its postinstall.js performs targeted credential harvesting on npm install. The script...

5.8AI score
Exploits0References8
EUVD
EUVD
added 2026/06/23 10:50 a.m.7 views

EUVD-2026-38424

Open VSX Registry does not sanitize SVG files uploaded as extension icons prior to storage, and serves them with Content-Type: image/svg+xml without security headers such as Content-Security-Policy or Content-Disposition: attachment. This allows an attacker to publish an extension with a maliciou...

4.1CVSS5.9AI score0.00226EPSS
Exploits1References1
OSV
OSV
added 2026/06/22 9:53 p.m.9 views

MAL-2026-6273 Malicious code in zod-pino (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c536e5a7ee3d5542e1ac822b30ba4525e52b2ae0c964d0c2470468d91b9b41c8 The package is published under a name suggesting a Pino logger integration for Zod, but the tarball contents do not match that purpose and exhibit...

5.9AI score
Exploits0References6
Rows per page
Query Builder