Malicious code in http-request-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 13b29a753802db633ab987963543535999a246049761d4d29699b66edf207f13 During import, package masquerade and starts an embedded executable. The executable has signs of infostealer activity --- Category: MALICIOUS - The campaign ha...

CVE-2026-2542

A weakness has been identified in Total VPN 0.5.29.0 on Windows. Affected by this vulnerability is an unknown functionality of the file C:\Program Files\Total VPN\win-service.exe. Executing a manipulation can lead to unquoted search path. It is possible to launch the attack on the local host. Thi...

CVE-2026-2542 Total VPN win-service.exe unquoted search path

A weakness has been identified in Total VPN 0.5.29.0 on Windows. Affected by this vulnerability is an unknown functionality of the file C:\Program Files\Total VPN\win-service.exe. Executing a manipulation can lead to unquoted search path. It is possible to launch the attack on the local host. Thi...

PT-2026-8316

Name of the Vulnerable Software and Affected Versions Total VPN version 0.5.29.0 Description A security issue exists in Total VPN 0.5.29.0 on Windows related to an unquoted search path within the file C:Program FilesTotal VPNwin-service.exe. This can lead to potential local privilege escalation...

Malicious code in clawdist (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3008887b6c2929530cd48dc996c91d70eb92432465d02f4ff28e6d5927350097 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...

MAL-2026-909 Malicious code in clawdist (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3008887b6c2929530cd48dc996c91d70eb92432465d02f4ff28e6d5927350097 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...

MAL-2026-903 Malicious code in requests-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ccf88804317b4caf9661eb94c320a521f7689c5cf26a8754ec219d268fc9c873 During import, package masquerade and starts an embedded executable. The executable has signs of infostealer activity --- Category: MALICIOUS - The campaign ha...

Malicious code in dzuseragents (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f0be670ad8e17f42129943a744559ebb8818c581bc637c1469cf8553b7b8f8c9 The package downloads an executable and adds it to autostart. The downloaded application then periodically creates a screenshot and sends it to a Discord...

MAL-2026-899 Malicious code in dzuseragents (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f0be670ad8e17f42129943a744559ebb8818c581bc637c1469cf8553b7b8f8c9 The package downloads an executable and adds it to autostart. The downloaded application then periodically creates a screenshot and sends it to a Discord...

Malicious code in magicwolf (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3d4f256ccd65da42e297351fbc7c15d4f3b25789c362d0d3419d580c4e07bf34 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...

MAL-2026-898 Malicious code in magicwolf (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3d4f256ccd65da42e297351fbc7c15d4f3b25789c362d0d3419d580c4e07bf34 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...

Malicious code in clawdest (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cf31ecc1ce2cf9d018d5ea73c9ee8467f85efd2fda44d75dfd10797cb35778a2 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...

MAL-2026-897 Malicious code in clawdest (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cf31ecc1ce2cf9d018d5ea73c9ee8467f85efd2fda44d75dfd10797cb35778a2 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...

MAL-2026-878 Malicious code in magichat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b999f3f5762dc9bcb0dc2e91ef10116a368aca535d2f07fa2519e8d64bbc0902 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...

Malicious code in magichat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b999f3f5762dc9bcb0dc2e91ef10116a368aca535d2f07fa2519e8d64bbc0902 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...

CVE-2025-63421

An issue in filosoft Comerc.32 Commercial Invoicing v.16.0.0.3 allows a local attacker to execute arbitrary code via the comeinst.exe file...

CVE-2019-25344

Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executable files in the application directory. Attackers can replace the original MobileGo.exe with a malicious executable to create a new user account and add it to the Administrators...

CVE-2019-25344

Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executable files in the application directory. Attackers can replace the original MobileGo.exe with a malicious executable to create a new user account and add it to the Administrators...

CVE-2019-25344 MobileGo 8.5.0 - Insecure File Permissions

Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executable files in the application directory. Attackers can replace the original MobileGo.exe with a malicious executable to create a new user account and add it to the Administrators...

CVE-2019-25345

Realtek IIS Codec Service 6.4.10041.133 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in the service configuration to inject malicious executables and escalate privileges on the system...