Trojan Horses in Recruiting: A Red-Teaming Case Study on Indirect Prompt Injection in Standard Vs. Reasoning Models

As Large Language Models LLMs are increasingly integrated into automated decision-making pipelines, specifically within Human Resources HR, the security implications of Indirect Prompt Injection IPI become critical. While a prevailing hypothesis posits that "Reasoning" or "Chain-of-Thought" Model...

Malware Detection through Memory Analysis

This paper summarizes the research conducted for a malware detection project using the Canadian Institute for Cybersecurity's MalMemAnalysis-2022 dataset. The purpose of the project was to explore the effectiveness and efficiency of machine learning techniques for the task of binary classificatio...

MiracleLinux 3 : libtool-1.5.22-7AXS3 (AXSA:2009-430:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-430:01 advisory. GNU Libtool is a set of shell scripts which automatically configure UNIX and UNIX-like systems to generically build shared libraries. Libtool provides a...

MiracleLinux 3 : gcc-4.1.2-46.2.1 (AXSA:2010-86:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2010-86:01 advisory. The gcc package contains the GNU Compiler Collection version 4.1. You will need this package in order to compile C code. Security issues fixed with this update...

CVE-2023-31468

An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 Runtime RT7.3 RC3 20221209.5. The "%PROGRAMFILESX86%\INOSOFT GmbH" folder has weak permissions for Everyone, allowing an attacker to insert a Trojan horse file that runs as SYSTEM. 2024-1 is a fixed version...

CVE-2018-18654

Crossroads 2.81 does not properly handle the /tmp directory during a build of xr. A local attacker can first create a world-writable subdirectory in a certain location under the /tmp directory, wait until a user process copies xr there, and then replace the entire contents of this subdirectory to...

CVE-2021-33393

lfs/backup in IPFire 2.25-core155 does not ensure that /var/ipfire/backup/bin/backup.pl is owned by the root account. It might be owned by an unprivileged account, which could potentially be used to install a Trojan horse backup.pl script that is later executed by root. Similar problems with the...

CVE-2019-18895

Scanguard through 2019-11-12 on Windows has Insecure Permissions for the installation directory, leading to privilege escalation via a Trojan horse executable file...

CVE-2019-18822

A privilege escalation vulnerability in ZOOM Call Recording 6.3.1 allows its user account i.e., the account under which the program runs - by default, the callrec account to elevate privileges to root by abusing the [email protected]. The [email protected] starts the /opt/callrec/bin/rs binar...

CVE-2019-20384

Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64/nagios/plugins directory by leveraging access to the nagios user account, because this directory is writable in between a call to emake and a call to fowners...

CVE-1999-0661

A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as 1 TCP Wrappers 7.6, 2 util-linux 2.9g, 3 wuarchive ftpd wuftpd 2.2 and 2.1f, 4 IRC client ircII ircII 2.2.9, 5 OpenSSH 3.4p1, or 6 Sendmail 8.12.6...

CVE-1999-0572

.reg files are associated with the Windows NT registry editor regedit, making the registry susceptible to Trojan Horse attacks...

CVE-2019-7656

A privilege escalation vulnerability in Wowza Streaming Engine 4.8.0 and earlier allows any unprivileged Linux user to escalate privileges to root. The installer sets too relaxed permissions on /usr/local/WowzaStreamingEngine/bin/ core program files. By injecting a payload into one of those files...

CVE-2019-16406

Centreon Web 19.04.4 has weak permissions within the OVA aka VMware virtual machine and OVF aka VirtualBox virtual machine files, allowing attackers to gain privileges via a Trojan horse Centreon-autodisco executable file that is launched by cron...

MAL-2025-139021 Malicious code in sour-cyan-horse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c067f8e564ef690a4527730e466bc3c9452d06762612d946d61a689ad4e79fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-117081

Malicious code in sour-cyan-horse npm...

Malicious code in sour-cyan-horse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c067f8e564ef690a4527730e466bc3c9452d06762612d946d61a689ad4e79fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-117408

Malicious code in eventual-harlequin-horse npm...

MAL-2025-131862 Malicious code in absent_horse_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81787b848631ca7c4d0d414f89470effa5b2e447901dbed6b4deb4181fcca223 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-102070

Malicious code in stickyhorsez3n npm...