How searching for a VPN could mean handing over your work login details

This blog is about how trying to do the “right thing” can lead you straight into a trap. People searching for a VPN ended up downloading credential-stealing malware. From the victim’s perspective, their trust was exploited at every step: trust in search engines, in familiar logos, in digital...

OESA-2026-1213 opencc security update

Opencc is for between Traditional Chinese and Simplified Chinese characters and phrases conversion library. Security Fixes: A vulnerability was found in BYVoid OpenCC up to 1.1.9 and classified as critical. Using CWE to declare the problem leads to CWE-122. A heap overflow condition is a buffer...

Exploit for CVE-2025-13390

WP Directory Kit /dev/null echo "+ Auto-login successful"...

Malicious code in kertash (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3cb3ef6da7e0d1c1461bb944c5ff0e356b73e52d271afa9e94435097f1d0764f When using methods from the package, it downloads an obfuscated code from Github and puts it in multiple localisation. While it appears that this code is used ...

Creating a Large Text File Viewer by Vibe Coding with Visual Studio Code, Cline, OpenRouter, and Claude 3.7

I just created another Windows 10/11 application using AI. This is a follow-up to the SquareCap program I posted about a few weeks ago. The problem I was trying to solve this time was opening and searching extremely large text files. I used to use the old Mandiant Highlighter program for this, bu...

Exploit for Path Traversal in Gradio_Project Gradio

CVE-2024-1728 CVE-2024-1728 POC A serious vulnerability has be...

IpGeo - Tool To Extract IP Addresses From Captured Network Traffic File

IpGeo is a python tool to extract IP addresses from captured network traffic file pcap/pcapng and generate csv report containing details about the geolocation of each ip in the packets. The report contains: 1. Country: 2. Country Code. 3. Region 4. Region Name 5. City 6. Zip 7. Latitude 8...

Sharperner - Simple Executable Generator With Encrypted Shellcode

Sharperner is a tool written in CSharp that generate .NET dropper with AES and XOR obfuscated shellcode. Generated executable can possibly bypass signature check but I cant be sure it can bypass heuristic scanning. Features PE binary Process Hollowing PPID Spoofing Random generated AES key and iv...

Waybackurls - Fetch All The URLs That The Wayback Machine Knows About For A Domain

Accept line-delimited domains on stdin, fetch known URLs from the Wayback Machine for .domain and output them on stdout. Usage example: ▶ cat domains.txt | waybackurls urls Install: ▶ go get github.com/tomnomnom/waybackurls Credit This tool was inspired by @mhmdiaa's waybackurls.py script. Thanks...

PyLocky Ransomware Decryption Tool Released — Unlock Files For Free

If your computer has been infected with PyLocky Ransomware and you are searching for a free ransomware decryption tool to unlock or decrypt your files—your search might end here. Security researcher Mike Bautista at Cisco's Talos cyber intelligence unit have released a free decryption tool that...