MAL-2026-4520 Malicious code in class-blend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3876854a76bda6892f76b9b44c67e066bfc6315a7e3d27431137727ff0ee728 The package advertises itself as a clsx/twMerge-style class-name merging utility, but the exported applyGlobalStylespalette, accents function contain...

Malicious code in events-router (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5482b17f0abd8f4ae8fed4fa5c53ea035a15b252efec406ae65dfe3365a7412 [email protected] impersonates the events EventEmitter polyfill README and Travis badge copied verbatim from browserify/events and ships a...

EUVD-2026-28398

A hidden, persistent backdoor was found in Yarbo firmware v2.3.9 that provides remote, unauthenticated or weakly authenticated access to privileged functionality. The backdoor is undocumented, cannot be disabled via user-facing settings, and survives factory reset and ordinary firmware updates...

CVE-2026-7413 Persistent undocumented backdoor access in Yarbo robot

A hidden, persistent backdoor was found in Yarbo firmware v2.3.9 that provides remote, unauthenticated or weakly authenticated access to privileged functionality. The backdoor is undocumented, cannot be disabled via user-facing settings, and survives factory reset and ordinary firmware updates...

PT-2026-38458

Name of the Vulnerable Software and Affected Versions Yarbo version 2.3.9 Description A hidden, persistent backdoor provides remote, unauthenticated or weakly authenticated access to privileged functionality. This backdoor is undocumented, cannot be disabled through user-facing settings, and...

Yarbo 安全漏洞

Yarbo is a modular intelligent courtyard maintenance robot developed by the American company Yarbo. Version 2.3.9 of Yarbo contains a security vulnerability. This vulnerability stems from a hidden persistent backdoor, which may allow unauthorized, remote access with weak authentication to...

How real software downloads can hide remote backdoors

It starts with a simple search. You need to set up remote access to a colleague’s computer. You do a Google search for “RustDesk download,” click one of the top results, and land on a polished website with documentation, downloads, and familiar branding. You install the software, launch it, and...

CVE-2023-53895 PimpMyLog 1.7.14 Improper Access Control via Account Creation Endpoint

PimpMyLog 1.7.14 contains an improper access control vulnerability that allows remote attackers to create admin accounts without authorization through the configuration endpoint. Attackers can exploit the unsanitized username field to inject malicious JavaScript, create a hidden backdoor account,...

EUVD-2018-10201

Malware in sbrugna...

CVE-2010-20103

A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and December 2, 2010. The backdoor implements a hidden FTP command trigger that, when invoked, causes the server to execute arbitrary shell commands with root privileges. This allows...

CVE-2010-20103

The CVE-2010-20103 issue concerns ProFTPD 1.3.3c, where a backdoor was embedded in the official source tarball (distributed between 2010-11-28 and 2010-12-02). The backdoor provides a hidden FTP command trigger allowing remote, unauthenticated attackers to execute arbitrary shell commands with ro...

PT-2025-34100 · Undefined · Undefined

A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and December 2, 2010. The backdoor implements a hidden FTP command trigger that, when invoked, causes the server to execute arbitrary shell commands with root privileges. This allows...

Malicious code in helmet-fastapi (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c1f805932ecbcd95197e98c6e2336eb773252abf5615fe135076d1848cb90395 Package contains hidden code adding a backdoor - a WebSocket path handler which will execute commands sent by an attacker knowing the path. In addition, it add...

ABB Cylon FLXeon 9.3.4 runtimeSetup.sh Hidden Backdoor Account Vulnerability

ABB Cylon FLXeon version 9.3.4 has a hidden administrative account cxpro that has write access permissions to the device. ABB Cylon FLXeon 9.3.4 runtimeSetup.sh Hidden Backdoor Account Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: FLXeon Series FBXi Series, FBTi...

CVE-2024-6045 D-Link router - Hidden Backdoor

Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the device to enable Telnet service by accessing a specific URL and can log in by using the administrator credentials obtained from analyzing th...

LofyGang Distributed ~200 Malicious NPM Packages to Steal Credit Card Data

Multiple campaigns that distributed trojanized and typosquatted packages on the NPM open source repository have been identified as the work of a single threat actor dubbed LofyGang. Checkmarx said it discovered 199 rogue packages totaling thousands of installations, with the group operating for...

FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - Hidden Backdoor Account (Write Access) Vulnerability

Exploit Title: FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - Hidden Backdoor Account Write Access Exploit Author: LiquidWorm Vendor Homepage: https://www.fatpipeinc.com FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Hidden Backdoor Account Write Access Vendor: FatPipe Networks Inc. Product web page:...

FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Backdoor Account

FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Hidden Backdoor Account Write Access Vendor: FatPipe Networks Inc. Product web page: https://www.fatpipeinc.com Affected version: WARP / IPVPN / MPVPN 10.2.2r38 10.2.2r25 10.2.2r10 10.1.2r60p82 10.1.2r60p71 10.1.2r60p65 10.1.2r60p58s1 10.1.2r60p58...

ECOA Building Automation System - Hidden Backdoor Accounts and backdoor() Function

Exploit Title: ECOA Building Automation System - Hidden Backdoor Accounts and backdoor Function Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Hidden Backdoor Accounts and backdoor Function Vendor: ECOA Technologies Corp...

Malicious Package

libari is a malicious package. The package contains a hidden backdoor which would activate when the libraries are installed on Linux systems...