Malicious code in veloxml-cli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 57a2b332595fb95752df25e794528ff2dd610bf3977b8d4abd7574cb0f21cdff The package advertises fake functionality and exfiltrates the given email and basic information about the host when used. --- Category: MALICIOUS - The campaig...

MAL-2026-4862 Malicious code in veloxml-cli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 57a2b332595fb95752df25e794528ff2dd610bf3977b8d4abd7574cb0f21cdff The package advertises fake functionality and exfiltrates the given email and basic information about the host when used. --- Category: MALICIOUS - The campaig...

PT-2026-34019

Name of the Vulnerable Software and Affected Versions FreeScout versions prior to 1.8.213 Description An issue exists in the mailbox connection settings endpoints where the functions connectionIncomingSave and connectionOutgoingSave pass all request data directly to the mailbox fill method withou...

Malicious Package

Overview urql-introspection is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior The...

CVE-2026-1280

The Frontend File Manager Plugin for WordPress is vulnerable to unauthorized file sharing due to a missing capability check on the 'wpfmsendfileinemail' AJAX action in all versions up to, and including, 23.5. This makes it possible for unauthenticated attackers to share arbitrary uploaded files v...

Malicious Package

Overview postmark-mcp is a malicious package. This is an MCP Model Context Protocol server intended to let AI assistants send emails via Postmark and it was reportedly modified to secretly exfiltrate email contents by adding a blind-copy BCC to an external domain. Note: If you have installed or...

Exploit for Cross-site Scripting in Roundcube Webmail

CVE-2024-42009 PoC: Email Capture Listener & XSS Exploit in Ro...

Exploit for Cross-site Scripting in Roundcube Webmail

XSS Exploit for Roundcube Webmail 1.6.7 CVE-2024-42009 D...

Inside Operation Diplomatic Specter: Chinese APT Group's Stealthy Tactics Exposed

Governmental entities in the Middle East, Africa, and Asia are the target of a Chinese advanced persistent threat APT group as part of an ongoing cyber espionage campaign dubbed Operation Diplomatic Specter since at least late 2022. "An analysis of this threat actor's activity reveals long-term...

Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software

The threat actor known as Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023, to harvest email messages from victims' accounts. "Winter Vivern has stepped up its operations by using a zero-day vulnerability in Roundcube," ESET security...

IoT devices and Linux-based systems targeted by OpenSSH trojan campaign

Cryptojacking, the illicit use of computing resources to mine cryptocurrency, has become increasingly prevalent in recent years, with attackers building a cybercriminal economy around attack tools, infrastructure, and services to generate revenue from targeting a wide range of vulnerable systems,...

State-Backed Hackers Employ Advanced Methods to Target Middle Eastern and African Governments

Governmental entities in the Middle East and Africa have been at the receiving end of sustained cyber-espionage attacks that leverage never-before-seen and rare credential theft and Exchange email exfiltration techniques. "The main goal of the attacks was to obtain highly confidential and sensiti...

Iranian State Actors Conduct Cyber Operations Against the Government of Albania

Summary The Federal Bureau of Investigation FBI and the Cybersecurity and Infrastructure Security Agency CISA are releasing this joint Cybersecurity Advisory to provide information on recent cyber operations against the Government of Albania in July and September. This advisory provides a timelin...

Iranian State Actors Conduct Cyber Operations Against the Government of Albania

CISA and the Federal Bureau of Investigation FBI have released a joint Cybersecurity Advisory CSA, Iranian State Actors Conduct Cyber Operations Against the Government of Albania, detailing malicious cyber operations that included ransomware and disk wiper, rendering websites and services...

Web Trackers Caught Intercepting Online Forms Even Before Users Hit Submit

A new research published by academics from KU Leuven, Radboud University, and the University of Lausanne has revealed that users' email addresses are exfiltrated to tracking, marketing, and analytics domains before such information is submitted and without prior consent. The study involved crawli...

graphite.composer.views.send_email vulnerable to SSRF

Impact sendemail in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and the...

DEBIAN-CVE-2017-18638

sendemail in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent ...

PYSEC-2019-151

sendemail in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent ...

UBUNTU-CVE-2017-18638

sendemail in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent ...

PYSEC-2019-151

sendemail in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent ...