EUVD-2025-5209

Malicious code in bioql PyPI...

Experts Find Shared Codebase Linking Morpheus and HellCat Ransomware Payloads

An analysis of HellCat and Morpheus ransomware operations has revealed that affiliates associated with the respective cybercrime entities are using identical code for their ransomware payloads. The findings come from SentinelOne, which analyzed artifacts uploaded to the VirusTotal malware scannin...

FujiFilm printer credentials encryption issue fixed

TL;DR Many multi-function printers made by FujiFilm Business Innovation Corporation Fujifilm which includes Apeos, ApeosPro, PrimeLink and RevoriaPress brands as well as Xerox Corporation Xerox which includes VersaLink, PrimeLink, and WorkCentre brands, allow administrators to store credentials o...

TerraLdr - A Payload Loader Designed With Advanced Evasion Features

TerraLdr: A Payload Loader Designed With Advanced Evasion Features Details: no crt functions imported syscall unhooking using KnownDllUnhook api hashing using Rotr32 hashing algo payload encryption using rc4 - payload is saved in .rsrc process injection - targetting 'SettingSyncHost.exe' ppid...

PT-2022-18604 · Unknown · Octopus Server

Name of the Vulnerable Software and Affected Versions: Octopus Server affected versions not specified Description: The issue arises from the use of the same encryption process for both session cookies and variables in affected versions of the software. Recommendations: At the moment, there is no...

Experts Find Similarities Between New LockBit 3.0 and BlackMatter Ransomware

Cybersecurity researchers have reiterated similarities between the latest iteration of the LockBit ransomware and BlackMatter, a rebranded variant of the DarkSide ransomware strain that closed shop in November 2021. The new version of LockBit, called LockBit 3.0 aka LockBit Black, was released in...

Free HermeticRansom Ransomware Decryptor Released

A free decryptor is out to unlock a ransomware found piggybacking on the HermeticWiper data wiper malware that ESET and Broadcom’s Symantec discovered targeting machines at financial, defense, aviation and IT services outfits in Ukraine, Lithuania and Latvia last week. The fact that there was...

CVE-2021-38461

The affected product uses a hard-coded blowfish key for encryption/decryption processes. The key can be easily extracted from binaries...

Hardcoded credentials

The affected product uses a hard-coded blowfish key for encryption/decryption processes. The key can be easily extracted from binaries...

‘Black Rose Lucy’ is Back, Now Pushing Ransomware

Cybercriminals behind the Android-based dropper malware Black Rose Lucy have shifted attacks from info-stealing to ransomware – with a sextortion twist. The malware family, operated by the Lucy Gang, encrypts targeted Android devices and delivers a spoofed FBI message. The ransom note claims the...

Researchers Warn of Novel PXJ Ransomware Strain

Researchers have discovered a new strain of ransomware, dubbed “PXJ,” which emerged in the wild in early 2020. While PXJ performs functions similar to other ransomware variants, it does not appear to share the same underlying code with most known ransomware families, researchers said. They first...

Threat Analysis Unit (TAU) Threat Intelligence Notification: Snatch Ransomware

During the end of the year 2019, a ransomware named ‘Snatch” was discovered. Snatch ransomware will force Windows to reboot in Safe Mode where most of the software and system drivers will not be running in order to perform the file encryption process. Similar to the other variants of ransomware, ...

CB TAU Threat Intelligence Notification: RobbinHood Ransomware Stops 181 Windows Services Before Encryption

According to source articles, RobbinHood ransomware has been discovered and it will stop 181 Windows services prior to the encryption taking place. It is thought that the ransomware might not be distributed through a typical spam campaign, but instead via other methods such as hacked remote deskt...

New Variant of KeyPass Ransomware Discovered

A new variant of the KeyPass ransomware has been gaining traction in August and is using new techniques like manual control to customize its encryption process, researchers said Monday. Researchers at Kaspersky Lab who posted about the trojan said that it is being propagated by means of fake...

Setting a custom FileVault (macOS FDE) passphrase

FileVault 2 is the full-disk encryption system of macOS. Normally, it's turned on from System Preferences, and locks the disk with the passwords of all the users allowed to unlock the machine. Overloading the login/unlock/sudo password is an understandable UX simplicity choice, but makes it very...

Android development APP end common security vulnerability interpretation-sensitive information disclosure vulnerability-vulnerability warning-the black bar safety net

As is known, Android system because of its open-source, open, flexible feature allows the smartphone industry with the rapid progress, the cut-off 2 0 1 5 in the fourth quarter, Android smartphone market share reached 8 0. 7%, but at the same time, Android Open, Open Source advantage from another...

Technology sharing: the CBC, Padding Oracle attack re-interpretation, how to break HTTPS-bug warning-the black bar safety net

Why is a re-interpretation? Now about the Padding Oracle attack presentation, the better the articles including the content, are taken from this article in foreign languages. However, the text in the discussion a key issue of how to confirm the Padding bits, and no mention, which makes many puris...

shopex the latest version front an unexpected SQL injection vulnerability-vulnerability warning-the black bar safety net

shopex code The core of the place to do the encryption process, to find loopholes just need a little imagination, such as thisSQL injection... Exists in the user registrycan't think of the location? /core/shop/controller/ctl.passport.php 2 6 7 row if !$ info = $account-create$POST,$message ... 2...