Malicious code in solanakit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3e8770458eab636335241e359b6cee149cc00640fb2418b4462c89ec88accc93 During import, the code downloads and starts a malicious package hosted on GitHub. It then first ensures persistency e.g., through the autostart registry key...

MAL-2026-2837 Malicious code in solanakit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3e8770458eab636335241e359b6cee149cc00640fb2418b4462c89ec88accc93 During import, the code downloads and starts a malicious package hosted on GitHub. It then first ensures persistency e.g., through the autostart registry key...

Malicious code in chainutils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 149995e4a1c4d289fa58be2adcab4095dca7c429097ad6735afef8270e7e4cb3 During import, package triggers malicious code. First, it ensures persistency e.g., through the autostart registry key. Then, based on the encrypted config, an...

Malicious code in genosys (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2fb27cde30ea3d834e3160e37c203a1f8a271435cf92316a990766c5b8b9791c The campaign is built from a benign-like package e.g. genosys and the malicious dependency e.g. pynosist. The dependency uses a PTH file to trigger malicious...

CVE-2026-30791 RustDesk Client Accepts Pseudo-Encrypted Config Strings Without Cryptographic Validation

Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Config import, URI scheme handler, CLI --config modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated wit...

CVE-2026-30791 RustDesk Client Accepts Pseudo-Encrypted Config Strings Without Cryptographic Validation

Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Config import, URI scheme handler, CLI --config modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated wit...

PT-2025-52259

Name of the Vulnerable Software and Affected Versions ScreenConnect versions prior to 1.0.12 Description In deployments utilizing the Certificate Signing Extension, encrypted configuration values, potentially including an Azure Key Vault-related key, could be disclosed to unauthenticated users vi...

[SECURITY] Fedora 34 Update: golang-github-xordataexchange-crypt-0.0.2-11.20190412gitb2862e3.fc34

Store and retrieve encrypted configs from etcd or consul...

New Mac variant of Lazarus Dacls RAT distributed via Trojanized 2FA app

This blog post was authored by Hossein Jazi, Thomas Reed and Jérôme Segura. We recently identified what we believe is a new variant of the Dacls Remote Access Trojan RAT associated with North Korea's Lazarus group, designed specifically for the Mac operating system. Dacls is a RAT that was...

DEBIAN-CVE-2017-3225

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt...

CVE-2013-7030

The TFTP service in Cisco Unified Communications Manager aka CUCM or Unified CM allows remote attackers to obtain sensitive information from a phone via an RRQ operation, as demonstrated by discovering a cleartext UseUserCredential field in an SPDefault.cnf.xml file. NOTE: the vendor reportedly...

PT-2013-6248 · Cisco · Cisco Unified Communications Manager

Name of the Vulnerable Software and Affected Versions: Cisco Unified Communications Manager affected versions not specified Description: The TFTP service allows remote attackers to obtain sensitive information from a phone via an RRQ operation, as demonstrated by discovering a cleartext...