CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Rapid7 Blog•added 2026/06/11 1:0 p.m.•27 views

Criminal AI-as-a-Service in 2026: How the Underground Market Is Operationalizing Cybercrime

Introduction The underground market for criminally oriented generative AI has moved beyond the early hype surrounding 'malicious chatbots.' The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for ful...

6.2AI score

Github Security Blog•added 2026/04/22 10:13 p.m.•9 views

OpenC3 COSMOS: Hijacked session token can be used to reset password for persistence

Summary The OpenC3 password change functionality allows a user to change their password without providing the old password, by accepting a valid session token instead. In assumed breach scenarios, this behaviour can be exploited by an attacker who has already obtained a valid session token, to ga...

8.1CVSS5.8AI score0.00305EPSS

Exploits1References7Affected Software1

HackRead•added 2026/03/26 11:53 a.m.•2 views

Suspected Hijacked Developer Accounts Spread npm Malware

Sonatype uncovers a sophisticated malware campaign using hijacked npm developer accounts to steal API keys and passwords. Is your dev environment at risk?...

5.8AI score

Wiz blog•added 2026/03/23 5:38 p.m.•10 views

KICS GitHub Action Compromised: TeamPCP Strikes Again in Supply Chain Attack

Checkmarx KICS scanner is the latest victim of a credential-stealing supply chain attack by TeamPCP. Between 12:58–16:50 UTC on March 23, 35 tags were hijacked. Learn how to audit your workflows, identify malicious activity, and secure your GitHub Actions...

5.8AI score

CVE•added 2026/03/20 10:59 p.m.•12 views

CVE-2026-32663

CVE-2026-32663 involves a WebSocket backend that uses charging station identifiers to map sessions but allows multiple endpoints to connect with the same session identifier. The resulting predictable session identifiers enable session hijacking or shadowing, where a newer connection can displace ...

7.3CVSS5.8AI score0.0025EPSS

Exploits0References2Affected Software1

The Hacker News•added 2026/03/20 5:47 p.m.•6 views

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span of a month to deliver malware capable of stealing sensitive CI/CD secrets. The latest incident impacted GitHub Actions "aquasecurity/trivy-action" and...

6AI score

OSSF Malicious Packages•added 2026/03/16 6:4 p.m.•7 views

Malicious code in pretty-tabulate (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 807e99c43a51fb7620cee47a356774c3ead94e75c4bc48621a942c835107b2eb Malicious code hidden in the color-list package uses the presence of pretty-tabulate as a trigger to load code hidden in likely a third malicious package...

OSV•added 2026/03/16 6:4 p.m.•4 views

MAL-2026-1480 Malicious code in pretty-tabulate (PyPI)

OSV•added 2026/03/16 6:3 p.m.•3 views

MAL-2026-1479 Malicious code in color-list (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 86ffbba2d1825f76d4c2baa6a8b7ecbe85514239934a3d7903745d17d4baf704 Malicious code hidden in the color-list package uses the presence of pretty-tabulate as a trigger to load code hidden in likely a third malicious package...

6AI score

OSSF Malicious Packages•added 2026/03/16 6:3 p.m.•6 views

Malicious code in color-list (PyPI)

GithubExploit•added 2026/03/06 9:46 a.m.•145 views

UacExploit

🛡️ UACExploit - Windows UAC Bypass Hidden This tool is a P...

HackRead•added 2026/02/16 9:37 a.m.•5 views

Google Ads and Claude AI Abused to Spread MacSync Malware via ClickFix

Cybersecurity experts at Moonlock Lab have discovered a new ClickFix attack. Hackers are using hijacked Google Ads and fake Claude AI guides to trick Mac users into installing the data-stealing MacSync malware...

5.6AI score

Malwarebytes•added 2026/02/12 2:35 p.m.•5 views

Outlook add-in goes rogue and steals 4,000 credentials and payment data

Researchers found a malicious Microsoft Outlook add-in which was able to steal 4,000 stolen Microsoft account credentials, credit card numbers, and banking security answers. How is it possible that the Microsoft Office Add-in Store ended listing an add-in that silently loaded a phishing kit insid...

5.5AI score

The Hacker News•added 2026/02/02 8:55 a.m.•15 views

Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users

The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility's update mechanism to redirect update traffic to malicious servers instead. "The attack involved an infrastructure-level compromise that allowed malicious actors to intercept and redirect update traffic...

OSSF Malicious Packages•added 2025/11/12 4:29 a.m.•3 views

Malicious code in cosmiconfig-gemini-fornax-impulse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b29aa681b8c50ec32cd301413818a3541bdc9364e5c5128ea13536c8a835104d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

HackRead•added 2025/11/03 11:5 a.m.•4 views

YouTube ‘Ghost Network’ Spreads Infostealer via 3,000 Fake Videos

Check Point Research exposed a sophisticated, role-based operation called the YouTube Ghost Network, distributing dangerous Lumma and Rhadamanthys Infostealer malware. Learn how cybercriminals use hijacked channels and bots to triple malicious video output and steal user credentials...

7AI score