28 matches found

CNNVD
added 2026/05/12 12:0 a.m. · 3 views

Snappier security vulnerability

Snappier is a pure C# version of the Google Snappy compression algorithm developed by Brant Burnett. Versions prior to Snappier 1.3.1 contained a security vulnerability; this vulnerability stemmed from the inability to escape an infinite loop that occurred when SnappierStream decompressed Snappy...

7.5 CVSS · 5.8 AI score · 0.00052 EPSS
Exploits 0 · References 2

OSSF Malicious Packages
added 2025/12/01 12:53 p.m. · 3 views

Malicious code in binance.csharp (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7 AI score
Exploits 0

Positive Technologies
added 2025/09/15 12:0 a.m. · 1 views

PT-2025-38069

Name of the Vulnerable Software and Affected Versions: Kubernetes C# client versions prior to 17.0.14 Description: A flaw exists in the Kubernetes C# client's certificate validation logic, allowing it to accept certificates from any Certificate Authority (CA) without proper trust chain verification. Th...

7.1 CVSS · 6.3 AI score · 0.00026 EPSS
Exploits 0 · References 20

OSSF Malicious Packages
added 2025/09/05 5:10 p.m. · 3 views

Malicious code in jingtong-csharp-heike-zhuru-biancheng (npm)

The package jingtong-csharp-heike-zhuru-biancheng was found to contain malicious code...

7 AI score
Exploits 0

OSV
added 2025/09/05 5:10 p.m. · 1 views

MAL-2025-44781 Malicious code in jingtong-csharp-heike-zhuru-biancheng (npm)

The package jingtong-csharp-heike-zhuru-biancheng was found to contain malicious code...

7 AI score
Exploits 0

The Hacker News
added 2025/08/13 3:46 p.m. · 11 views

New PS1Bot Malware Campaign Uses Malvertising to Deploy Multi-Stage In-Memory Attacks

Cybersecurity researchers have discovered a new malvertising campaign that's designed to infect victims with a multi-stage malware framework called PS1Bot. "PS1Bot features a modular design, with several modules delivered used to perform a variety of malicious activities on infected systems,...

7.1 AI score
Exploits 0

Talos Blog
added 2025/08/12 8:0 p.m. · 10 views

Malvertising campaign leads to PS1Bot, a multi-stage malware framework

Cisco Talos has observed an ongoing malware campaign that seeks to infect victims with a multi-stage malware framework, implemented in PowerShell and C#, which we are referring to as "PS1Bot." PS1Bot features a modular design, with several modules delivered used to perform a variety of malicious...

7.1 AI score
Exploits 0

Gitee
added 2025/07/27 4:11 a.m. · 84 views

PowerShell-Suite

This is an offensive tool for Windows UAC bypass. It is a PowerShell module called "Bypass-UAC" that provides a framework to perform UAC bypasses based on auto-elevating IFileOperation COM object method calls. The tool is designed to bypass User Account Control (UAC) on Windows systems, allowing an...

7.3 AI score
Exploits 0

Talos Blog
added 2024/10/23 10:2 a.m. · 8 views

Threat Spotlight: WarmCookie/BadSpace

WarmCookie is a malware family that emerged in April 2024 and has been distributed via regularly conducted malspam and malvertising campaigns. WarmCookie, observed being used for initial access and persistence, offers a means for continuous long-term access to compromised environments and is used...

8.3 AI score
Exploits 0

CNNVD
added 2024/10/17 12:0 a.m. · 1 views

MessagePack for C# security vulnerability

MessagePack for C# is a MessagePack serializer from the open-source MessagePack-CSharp project. A security vulnerability exists in MessagePack for C# versions prior to 2.5.187 and versions prior to 2.6.95-alpha through 3.0.214-rc.1, which stems from a disproportionately large amount of CPU consumption duri...

8.7 CVSS · 6.2 AI score · 0.00107 EPSS
Exploits 0 · References 4

Positive Technologies
added 2024/10/17 12:0 a.m. · 2 views

PT-2024-33272 · Unknown · Messagepack-Csharp

Name of the Vulnerable Software and Affected Versions: MessagePack-CSharp versions prior to 2.5.187 and 3.0.214 Description: The vulnerability occurs when the library is used to deserialize messagepack data from an untrusted source, leading to a risk of a denial of service attack by an attacker...

8.7 CVSS · 6.8 AI score · 0.00107 EPSS
Exploits 0 · References 12

NVD
added 2023/07/17 2:15 a.m. · 5 views

CVE-2022-4952

A vulnerability has been found in OmniSharp csharp-language-server-protocol up to 0.19.6 and classified as problematic. This vulnerability affects the function CreateSerializerSettings of the file src/JsonRpc/Serialization/SerializerBase.cs of the component JSON Serializer. The manipulation leads...

7.5 CVSS · 0.00065 EPSS
Exploits 0 · References 5

Cvelist
added 2023/07/17 2:0 a.m. · 11 views

CVE-2022-4952 OmniSharp csharp-language-server-protocol JSON Serializer SerializerBase.cs CreateSerializerSettings resource consumption

A vulnerability has been found in OmniSharp csharp-language-server-protocol up to 0.19.6 and classified as problematic. This vulnerability affects the function CreateSerializerSettings of the file src/JsonRpc/Serialization/SerializerBase.cs of the component JSON Serializer. The manipulation leads...

3.5 CVSS · 7.8 AI score · 0.00065 EPSS
Exploits 0 · References 5

CVE
added 2023/07/17 2:0 a.m. · 36 views

CVE-2022-4952

CVE-2022-4952 affects OmniSharp csharp-language-server-protocol up to 0.19.6. The vulnerability lies in the JSON Serializer’s CreateSerializerSettings function (SerializerBase.cs), where manipulation leads to resource consumption and potential denial of service. A fix is available in version 0.19...

7.5 CVSS · 5.6 AI score · 0.00065 EPSS
Exploits 0 · References 5 · Affected Software 1

CNNVD
added 2023/07/17 12:0 a.m. · 1 views

OmniSharp csharp-language-server-protocol resource management error vulnerability

OmniSharp csharp-language-server-protocol is the C# language server protocol for OmniSharp. A resource management error vulnerability exists in OmniSharp csharp-language-server-protocol prior to version 0.19.7, which stems from the file src/JsonRpc/Serialization/SerializerBase.cs where the The...

7.5 CVSS · 5.5 AI score · 0.00065 EPSS
Exploits 0 · References 7

The Hacker News
added 2023/05/09 1:29 p.m. · 3 views

Operation ChattyGoblin: Hackers Targeting Gambling Firms via Chat Apps

A gambling company in the Philippines was the target of a China-aligned threat actor as part of a campaign that has been ongoing since October 2021. Slovak cybersecurity firm ESET is tracking the series of attacks against Southeast Asian gambling companies under the name Operation ChattyGoblin...

6.6 AI score
Exploits 0

Positive Technologies
added 2022/11/29 12:0 a.m. · 2 views

PT-2022-6762 · Unknown · Csharp-Language-Server-Protocol

Name of the Vulnerable Software and Affected Versions: csharp-language-server-protocol versions up to 0.19.6 Description: The issue is related to the function CreateSerializerSettings of the JSON Serializer component, which can lead to resource consumption when manipulated. This can potentially...

7.5 CVSS · 4.5 AI score · 0.00065 EPSS
Exploits 0 · References 8

Kitploit
added 2022/07/18 12:30 p.m. · 42 views

Koh - The Token Stealer

Koh is a C# and Beacon Object File (BOF) toolset that allows for the capture of user credential material via purposeful token/logon session leakage. Some code was inspired by Elad Shamir's Internal-Monologue project (no license), as well as KB180548. For why this is possible and Koh's approach, see t...

7 AI score
Exploits 0 · References 10

Kitploit
added 2022/06/30 12:30 p.m. · 81 views

SharpWSUS - CSharp tool for lateral movement through WSUS

SharpWSUS is a CSharp tool for lateral movement through WSUS. There is a corresponding blog https://labs.nettitude.com/blog/introducing-sharpwsus/ which has more detailed information about the tooling, use case and detection. Credits Massive credit to the below resources that really did 90% of th...

7.1 AI score
Exploits 0 · References 3

Kitploit
added 2021/03/14 8:30 p.m. · 410 views

PowerSharpPack - Many useful offensive CSharp Projects wrapped into Powershell for easy usage

Many useful offensive CSharp Projects wrapped into Powershell for easy usage. Why? In my personal opinion offensive Powershell is not dead because of AMSI, Script-block-logging, Constrained Language Mode or other protection features. Any of these mechanisms can be bypassed. Since most new...

7.6 AI score
Exploits 0 · References 55