MAL-2025-151700 Malicious code in aciaiaggu-idat-gfada (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d74d306962df7e169c02ec92a35be8f6cb9dff3e92350c248ae4b3de0c51a6c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in aciaiaggu-idat-doa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 849e03658b49e80038659ab32879cc230db9f8f6e83573ab7614772db652ec73 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in aciaiaggu-idat-doua (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bef65c85e4bdc244783d3bfcb740bdba2402fd4b48963ffee6e36c2d8d6c23c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in aciaiu-idat-doauuufa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a04fd8ceb07f68905b6b564ead35751f4ec780f05289a5c5340725230257445d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2014-0371

Malware in sbrugna...

EUVD-2017-7972

Malware in sbrugna...

EUVD-2014-9142

Malware in sbrugna...

EUVD-2015-0981

Malware in sbrugna...

Off-by-one error in the pngcrush_measure_idat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service

...

Stories from the SOC Part 2: MSIX Installer Utilizes Telegram Bot to Execute IDAT Loader

Rapid7’s Managed Detection and Response MDR team continuously monitors our customers' environments, identifying emerging threats and developing new detections. In August 2023, Rapid7 identified a new malware loader named the IDAT Loader. Malware loaders are a type of malicious software designed t...

Stories from the SOC Part 1: IDAT Loader to BruteRatel

Rapid7’s Managed Detection and Response MDR team continuously monitors our customers' environments, identifying emerging threats and developing new detections. In August 2023, Rapid7 identified a new malware loader named the IDAT Loader. Malware loaders are a type of malicious software designed t...

New IDAT Loader Attacks Using Steganography to Deploy Remcos RAT

Ukrainian entities based in Finland have been targeted as part of a malicious campaign distributing a commercial remote access trojan known as Remcos RAT using a malware loader called IDAT Loader. The attack has been attributed to a threat actor tracked by the Computer Emergency Response Team of...

CVE-2023-46865

/api/v1/company/upload-logo in CompanyController.php in crater through 6.0.6 allows a superadmin to execute arbitrary PHP code by placing this code into an image/png IDAT chunk of a Company Logo image...

New IDAT Loader Unleashes Infostealers in Fake Browser Update Campaign

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary In a recent malware campaign, threat actors utilized a new IDAT Loader to distribute a range of malicious software, including InfoStealers and RATs, employing evasion methods. This loader is packaged...

Fake Update Utilizes New IDAT Loader To Execute StealC and Lumma Infostealers

Technical Analysis by: Thomas Elkins, Natalie Zargarov Contributions: Evan McCann, Tyler McGraw Recently, Rapid7 observed the Fake Browser Update lure tricking users into executing malicious binaries. While analyzing the dropped binaries, Rapid7 determined a new loader is utilized in order to...

SUSE CVE-2014-0333

The pngpushreadchunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service infinite loop and CPU consumption via an IDAT chunk with a length of zero...

SUSE CVE-2017-16796

In SWFTools 0.9.2, the pngload function in lib/png.c does not check the return value of a realloc call, which allows remote attackers to cause a denial of service invalid write and application crash or possibly have unspecified other impact via vectors involving an IDAT tag in a crafted PNG file...

Shopify: XSS Stored via Upload avatar PNG [HTML] File in accounts.shopify.com

Hello team, I found unrestricted file upload via avatar in https://accounts.shopify.com/accounts/, and XSS Stored in PNG IDAT chunks using exiftool , exiftool command exiftool -Comment=""alertprompt'XSS BY ZEROX4'" xsscommentexifmetadatadoublequote.png Payload example : �PNG �...

ffmpeg:ffmpeg_AV_CODEC_ID_APNG_fuzzer: Heap-buffer-overflow in inflate

Project: https://git.ffmpeg.org/ffmpeg.git Detailed Report: https://oss-fuzz.com/testcase?key=4796622520451072 Project: ffmpeg Fuzzing Engine: honggfuzz Fuzz Target: ffmpegAVCODECIDAPNGfuzzer Job Type: honggfuzzasanffmpeg Platform Id: linux Crash Type: Heap-buffer-overflow READ Crash Address:...

CVE-2017-16796

In SWFTools 0.9.2, the pngload function in lib/png.c does not check the return value of a realloc call, which allows remote attackers to cause a denial of service invalid write and application crash or possibly have unspecified other impact via vectors involving an IDAT tag in a crafted PNG file...