Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the AEADEncDataPacket parser in AEADEncDataPacket.java. An attacker can crash packet parsing by supplying an AEAD-encrypted OpenPGP packet with an out-of-range chunk size valu...

wolfSSL 安全漏洞

wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the US company wolfSSL, designed for developers working with embedded systems. There is a security vulnerability in wolfSSL, which stems from the PKCS7 implementation in the wcPKCS7DecryptOri function. This...

ChaCha20‑Poly1305 AEAD Production Decryptor

This C implementation provides a secure ChaCha20‑Poly1305 decryption function fully compliant with RFC 8439...

xtream-ui-security-audit

🔐 Xtream UI Security Audit & Exploitation Framework !Python...

Norton Crack Midnight Ransomware, Release Free Decryptor

Norton finds a flaw in the new Midnight ransomware built from Babuk code and releases a free decryptor to help victims recover files without paying a ransom...

Multi-Copy Security in Unclonable Cryptography

Unclonable cryptography leverages the quantum no-cloning principle to copy-protect cryptographic functionalities. While most existing works address the basic single-copy security, the stronger notion of multi-copy security remains largely unexplored. We introduce a generic compiler that upgrades...

EUVD-2015-8960

Malware in sbrugna...

PyInstaller has local privilege escalation vulnerability

Impact Due to a special entry being appended to sys.path during the bootstrap process of a PyInstaller-frozen application, and due to the bootstrap script attempting to load an optional module for bytecode decryption while this entry is still present in sys.path, an application built with...

MAL-2025-15324 Malicious code in backup-decryptor (npm)

The package backup-decryptor was found to contain malicious code...

Malicious code in backup-decryptor (npm)

The package backup-decryptor was found to contain malicious code...

FunkSec Ransomware Decryptor Released Free to Public After Group Goes Dormant

Cybersecurity experts have released a decryptor for a ransomware strain called FunkSec, allowing victims to recover access to their files for free. "Because the ransomware is now considered dead, we released the decryptor for public download," Gen Digital researcher Ladislav Zezula said. FunkSec,...

MAL-2025-4689 Malicious code in keypair-decryptor-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 28b7a13ea11bbb26ce1785b3784f6dcd3470a60ad16e2235d40089c17023e8e8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in keypair-decryptor-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 28b7a13ea11bbb26ce1785b3784f6dcd3470a60ad16e2235d40089c17023e8e8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Bitdefender Finds New ShrinkLocker Ransomware, Releases Its Decryptor Tool

Bitdefender has released a free decryptor for ShrinkLocker ransomware, which exploits Windows BitLocker to encrypt systems. Discover all…...

Free Decryptor Released for BitLocker-Based ShrinkLocker Ransomware Victims

Romanian cybersecurity company Bitdefender has released a free decryptor to help victims recover data encrypted using the ShrinkLocker ransomware. The decryptor is the result of a comprehensive analysis of ShrinkLocker's inner workings, allowing the researchers to discover a "specific window of...

BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave

The threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware ESXi hypervisors, while also leveraging various vulnerable drivers to disarm security protections. "The BlackByte ransomware group continues to leverage...

MAL-2024-2605 Malicious code in leveldb-decryptor (npm)

False positive caused by problematic ingestion. --- -= Per source details. Do not edit below this line.=-...

Rhysida Ransomware’s Decryptor is Now in Action

Summary: The Rhysida ransomware-as-a-service RaaS group poses a significant global threat, targeting diverse sectors. Recently, an implementation vulnerability in the source code of the Rhysida ransomware has been discovered. By exploiting this vulnerability to reconstruct encryption keys, it...

Free Decryptor Released for Black Basta and Babuk's Tortilla Ransomware Victims

A decryptor for the Tortilla variant of the Babuk ransomware has been released by Cisco Talos, allowing victims targeted by the malware to regain access to their files. The cybersecurity firm said the threat intelligence it shared with Dutch law enforcement authorities made it possible to arrest...

New Wave of Akira Ransomware Expands Arsenal with Cisco VPN Flaws

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Akira ransomware group targets Cisco VPN to breach corporate networks and leverages tools like RustDesk for stealthy access. Avasts decryptor is ineffective against the groups updated ransomware...