Malicious code in uxproject11 (npm)

Collects and exfiltrates sensitive system information to suspicious domains. Multiple YARA rules are triggered. High entropy file. Extension mismatch. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b478ab519bbd87949cad8be7d77296e0eddd01aa0be1b4b168ed2f6a0f7413...

MAL-2026-1234 Malicious code in uxproject11 (npm)

Collects and exfiltrates sensitive system information to suspicious domains. Multiple YARA rules are triggered. High entropy file. Extension mismatch. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b478ab519bbd87949cad8be7d77296e0eddd01aa0be1b4b168ed2f6a0f7413...

FedPoisonTTP: A Threat Model and Poisoning Attack for Federated Test-Time Personalization

Test-time personalization in federated learning enables models at clients to adjust online to local domain shifts, enhancing robustness and personalization in deployment. Yet, existing federated learning work largely overlooks the security risks that arise when local adaptation occurs at test tim...

LexiMark: Robust Watermarking via Lexical Substitutions to Enhance Membership Verification of an LLM's Textual Training Data

Large language models LLMs can be trained or fine-tuned on data obtained without the owner's consent. Verifying whether a specific LLM was trained on particular data instances or an entire dataset is extremely challenging. Dataset watermarking addresses this by embedding identifiable modification...

Spill the Beans: Exploiting CPU Cache Side-Channels to Leak Tokens from Large Language Models

Side-channel attacks on shared hardware resources increasingly threaten confidentiality, especially with the rise of Large Language Models LLMs. In this work, we introduce Spill The Beans, a novel application of cache side-channels to leak tokens generated by an LLM. By co-locating an attack...

Crypto-NcRNA: Non-Coding RNA (NcRNA) Based Encryption Algorithm

In the looming post-quantum era, traditional cryptographic systems are increasingly vulnerable to quantum computing attacks that can compromise their mathematical foundations. To address this critical challenge, we propose crypto-ncRNA-a bio-convergent cryptographic framework that leverages the...

PT-2023-26384 · Unknown · Rws Worldserver

Name of the Vulnerable Software and Affected Versions: RWS WorldServer versions 11.7.3 and earlier Description: Session tokens in RWS WorldServer have a low entropy and can be enumerated, leading to unauthorized access to user sessions. Recommendations: For RWS WorldServer versions 11.7.3 and...

Sandfly-Entropyscan - Tool To Detect Packed Or Encrypt ed Binaries Related To Malware, Finds Malicious Files And Linux Processes And Gives Output With Cryptographic Hashes

What is sandfly-entropyscan? sandfly-entropyscan is a utility to quickly scan files or running processes and report on their entropy measure of randomness and if they are a Linux/Unix ELF type executable. Some malware for Linux is packed or encrypted and shows very high entropy. This tool can...

Authentication flaw

authentik is an open-source Identity Provider focused on flexibility and versatility. Versions prior to 2022.11.4 and 2022.10.4 are vulnerable to Improper Authentication. Token reuse in invitation URLs leads to access control bypass via the use of a different enrollment flow than in the one...

Google Chrome 78.0.3904.70 - Remote Code Execution Exploit

Exploit Title: Google Chrome 78.0.3904.70 - Remote Code Execution Exploit Author: deadlock Forrest Orr Type: RCE Platform: Windows Website: https://forrest-orr.net Twitter: https://twitter.com/ForrestOrr Vendor Homepage: https://www.google.com/chrome/ Software Link:...

Google Chrome 78.0.3904.70 - Remote Code Execution

Exploit Title: Google Chrome 78.0.3904.70 - Remote Code Execution Date: 2022-05-03 Exploit Author: deadlock Forrest Orr Type: RCE Platform: Windows Website: https://forrest-orr.net Twitter: https://twitter.com/ForrestOrr Vendor Homepage: https://www.google.com/chrome/ Software Link:...

Google Chrome 78.0.3904.70 Remote Code Execution

Exploit Title: Google Chrome 78.0.3904.70 - Remote Code Execution Date: 2022-05-03 Exploit Author: deadlock Forrest Orr Type: RCE Platform: Windows Website: https://forrest-orr.net Twitter: https://twitter.com/ForrestOrr Vendor Homepage: https://www.google.com/chrome/ Software Link:...

truffleHog - Searches Through Git Repositories For High Entropy Strings And Secrets, Digging Deep Into Commit History

Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accidentally committed. Join The Slack Have questions? Feedback? Jump in slack and hang out with me...

Mozilla Firefox 67 Array.pop JIT Type Confusion

Exploit Title: Mozilla Firefox 67 - Array.pop JIT Type Confusion Date: 2021-12-07 Type: RCE Platform: Windows Exploit Author: deadlock Forrest Orr Author Homepage: https://forrest-orr.net Vendor Homepage: https://www.mozilla.org/en-US/ Software Link:...

PoC for high-entropy ASLR bypass via MemoryProtector

high-entry ASLR Bypass Recent assessments: busterb at May 09, 2019 5:57pm UTC reported: ASLR Bypass, vendor says they would fix in next versions. Assessed Attacker Value: 2 Assessed Attacker Value: 2Assessed Attacker Value: 1...

CVE-2018-8435

A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source, aka "Windows Hyper-V Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers...

CVE-2018-8435

A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source, aka "Windows Hyper-V Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers...

Windows Hyper-V Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source. To exploit this vulnerability, an attacker would need to reboot a guest virtual machine numerous times until the vulnerability is triggered. The security update addresses the...

LockCrypt ransomware: weakness in code can lead to recovery

At the start of the year, it seemed that 2018 was going to be all about cryptominers. They so overwhelmingly dominated the landscape that it looked like no other threat had a chance. However, ransomware is not giving up the field so fast. There have been new variants popping up every couple of...

truffleHog - Searches Through Git Repositories For High Entropy Strings And Secrets, Digging Deep Into Commit History

Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accidentally committed. NEW Trufflehog previously functioned by running entropy checks on git diffs. This functionality still exists, but high signal regex checks hav...