vpn_exploitation_tool

AD + Citrix VPN Data Harvester Modular Java tool for testing...

Malicious code in solanacore (npm)

The package contains several malicious PowerShell and VBS scripts used to harvest browser data, take screenshots, log keystrokes, and establish startup persistence. It also bundles a password stealer and exfiltrates stolen data via Slack and Discord webhooks. --- -= Per source details. Do not edi...

PT-2024-40533 · Microsoft +2 · Windows +2

Name of the Vulnerable Software and Affected Versions: gratient version 0.5 Description: The issue concerns a user-facing library used for generating color gradients of text, which contained obfuscated, malicious code in version 0.5. This malicious code targets Windows platforms, harvesting...

PT-2024-40896 · Microsoft +2 · Windows +2

Name of the Vulnerable Software and Affected Versions: gratient version 0.5 Description: The issue concerns malicious code embedded in the library, which targets Windows platforms. This code is capable of harvesting information and credentials from the user's system and sending them to a remote...

Malicious PyPI Packages Using Cloudflare Tunnels to Sneak Through Firewalls

In yet another campaign targeting the Python Package Index PyPI repository, six malicious packages have been found deploying information stealers on developer systems. The now-removed packages, which were discovered by Phylum between December 22 and December 31, 2022, include pyrologin,...

data-harvest.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-691655 Description| Value ---|--- Affected Website:| data-harvest.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidd...