CVE-2026-8398

A supply chain attack compromised the official installation packages of DAEMON Tools Lite Windows versions 12.5.0.2421 through 12.5.0.2434, distributed from the legitimate website daemon-tools.cc between approximately April 8, 2026, and May 5, 2026. Attackers gained unauthorized access to the...

Information disclosure

The modules/mdop.m in the Cypress 1.0k script for BitchX, as downloaded from a distribution site in November 2007, contains an externally introduced backdoor that e-mails sensitive information hostnames, usernames, and shell history to a fixed address...