Malicious code in aws-enumerate-iam (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 96d7eea455989a7a10bf2fafd9f9c4a2d5d9a4c2a3ec852e424885f3e51c5edb Attack targeted at users of Alibaba, AWS and Telegram via malicious packages published to PyPI. The malicious code was hidden in strategic...

Malicious code in telethon2 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 2f513e1bd0172cda035284efad9368870bc46158926c112ccd7fc881e6af75be Malicious Typosquatting packages campaign targeting developers, steals cloud service credentials Source: google-open-source-security...

Malicious code in tencentcloud-python-sdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx c79d20c4af5b69c3506d69fb847d2f5306a83433cb56e391c8dbf828e9728319 Malicious Typosquatting packages campaign targeting developers, steals cloud service credentials Source: google-open-source-security...

OrientDB 2.2.x Remote Code Execution

This module leverages a privilege escalation on OrientDB to execute unsandboxed OS commands. All versions from 2.2.2 up to 2.2.22 should be vulnerable. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...