Malicious code in nolimit-x (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc9b808348f8faf797b0aedc8863482566b3d4a244c20c65f2e65632627a87bd The package places 40+ heavily obfuscated JavaScript files 0xNNNNNN hex-mangled identifiers throughout inside a hidden .ad/ directory at the tarball...

MAL-2026-4621 Malicious code in nolimit-x (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc9b808348f8faf797b0aedc8863482566b3d4a244c20c65f2e65632627a87bd The package places 40+ heavily obfuscated JavaScript files 0xNNNNNN hex-mangled identifiers throughout inside a hidden .ad/ directory at the tarball...

MAL-2026-3767 Malicious code in node-ci-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1593e77b5e2763e7ace49c239accedfe30209faea11bc07cf3901a7253798444 On require'node-ci-utils', index.js runs a top-level init that, on Linux, creates a hidden directory /.local/share/.nodecache/, downloads an opaque...

Malicious code in node-ci-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1593e77b5e2763e7ace49c239accedfe30209faea11bc07cf3901a7253798444 On require'node-ci-utils', index.js runs a top-level init that, on Linux, creates a hidden directory /.local/share/.nodecache/, downloads an opaque...

Eclipse Vert.x 安全漏洞

Eclipse Vert.x is an Eclipse Foundation toolkit for building responsive applications on the JVM. A security vulnerability exists in Eclipse Vert.x versions 4.0.0 through 4.5.21 and 5.0.0 through 5.0.4, which stems from the inability of the StaticHandler configuration to restrict access to a hidde...

Exploit for CVE-2025-10353

CVE-2025-10353 - File Upload RCE PoC 🛠️ Exploit for CVE-202...

EUVD-2007-4766

Malware in sbrugna...

EUVD-2006-0174

Malware in sbrugna...

EUVD-2001-0936

Malware in sbrugna...

ROS-20230825-03

A vulnerability in the Libarchive library is related to the umask call inside archivewritediskposix.c, which changes the umask of the entire process for a very short period of time, this results in a permanent setting of umask 0, which will cause the hidden creation of a directory with permission...

DFShell - The Best Forwarded Shell

██████╗ ███████╗███████╗██╗ ██╗███████╗██╗ ██╗ ██╔══██╗██╔════╝██╔════╝██║ ██║███╔═══╝██║ ██║ ██║ ██║█████╗ ███████╗███████║█████╗ ██║ ██║ ██║ ██║██╔══╝ ╚════██║██╔══██║██╔══╝ ██║ ██║ ██████╔╝██║ ███████║██║ ██║███████╗████████╗███████╗ ╚═════╝ ╚═╝ ╚══════╝╚═╝ ╚═╝╚══════╝╚══════╝╚══════╝ D3Ext's...

Siemens APOGEE PXC / TALON TC Authentication Bypass

!/usr/bin/env python3 -- coding: utf-8 -- 2022-05-23 Standard Modules from metasploit import module Extra Dependencies dependenciesmissing = False try: import logging import requests import requests import xmltodict import xml.etree.ElementTree as ET import socket import struct import requests...

Siemens APOGEE PXC / TALON TC Authentication Bypass Exploit

APOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers and TALON TC BACnet Automation Controllers. With a 7.5 CVSS, this exploit allows for an attacker to perform an authentication bypass using an alternate path or...

Backdoor.Win32.DarkKomet.gozu Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/00199eb3fd1a0aa6771b7f12fad895a0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.gozu Vulnerability: Insecure Permissions Description: Creates a hidden dir...

Trojan-Spy.Win32.SpyEyes.elr Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/025d07f4610605031e501e6745d663aa.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Spy.Win32.SpyEyes.elr Vulnerability: Insecure Permissions Description: The malware creates an...

Backdoor.Win32.DarkKomet.bhfh Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2e507b75c0df0fcb2f9a85f4a0c1bc04.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.bhfh Vulnerability: Insecure Permissions Description: DarkKomet.bhfh create...

Trojan-Spy.Win32.SpyEyes.auqj Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ea6ed38ab5264cd92f0d42eb020e87d8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Spy.Win32.SpyEyes.auqj Vulnerability: Insecure Permissions EoP Description: SpyEyes.auqj...

h1-ctf: HackyHolidays H1 CTF Writeup

HackyHolidays Day 1 Once the CTF started and the Grinch released the scope hackyholidays.h1ctf.com, I started the CTF by a good old Nmap scan, to see whats running on the server. So the nmap command looked like nmap -sC -sV -oA nmap hackyholidays.h1ctf.com/. The result showed a promising entry...

FTP Attack - Hidden Directory Created

Binary data 6214.prm...

CVE-2007-4785

Sony Micro Vault Fingerprint Access Software, as distributed with Sony Micro Vault USM-F USB flash drives, installs a driver that hides a directory under %WINDIR%, which might allow remote attackers to bypass malware detection by placing files in this directory...