Malicious code in claud-code (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 858992810c1a4133d95b6fa19033c07591db548a46df39b67e0d393d7dd212ad The package claud-code was found to contain malicious code. Source: ghsa-malware 5fe9842d778d45ad5b5e4d81db678d608711dd4b186e053569dae6f210481651 Any...

Malicious code in node-orm-mongoose (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 865f8ea25ee366ddf039c3cc4048e0974b55b5cfda34aaf8679f705a5ebc5432 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors

Cloudflare has disclosed that it mitigated a record-breaking distributed denial-of-service DDoS attack that peaked at 3.8 terabits per second Tbps and lasted 65 seconds. The web infrastructure and security company said it fended off "over one hundred hyper-volumetric L3/4 DDoS attacks throughout...

Malicious code in @lbnqduy11805/studious-octo-waddle (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c073697c9ccab5e44be0c257384fa4907147f96dda92c23b1c611c01e67788cd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in corporate-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d338cc997e0f56baeafd5773af498e1e559144af5aa4319bb9f939aa7f3c934b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Prometei botnet improves modules and exhibits new capabilities in recent updates

Prometei botnet continued its activity since Cisco Talos first reported about it in 2020. Since November 2022, we have observed Prometei improving the infrastructure components and capabilities. More specifically, the botnet operators updated certain submodules of the execution chain to automate...

Mylobot: A Sophisticated Botnet Malware Targeting Computers Worldwide

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Mylobot is a Windows-targeting malware and was first discovered in 2017. It has not received much attention since then, but it is noteworthy for its ability to transform the infected system into a proxy...

Korean Word Processor Scam Alert Orcus RAT Lurking in Cracked Versions

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Orcus RAT, formerly known as Schnorchel, first appeared in April 2016 and allows for remote control of infected systems. Intruders are attempting to deploy a variant of Orcus RAT along with XMRig...

Malicious code in solid-completions (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a0420c7f0514ad8fb15c26077e5aa38fd64c43ca77ad540ac685a17c6b79356a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Update on WhisperGate, Destructive Malware Targeting Ukraine – Threat Intelligence & Protections Update

Update on WhisperGate, Destructive Malware Targeting Ukraine – Threat Intelligence & Protections Update By Taylor Mullins, Mo Cashman and Raj Samani · January 20, 2022 Recent news reports of a “ransomware” campaign targeting Ukraine has resulted in significant press coverage regarding not only...

Cloudflare mitigated one of the largest DDoS attack involving 17.2 million rps

Web infrastructure and website security company Cloudflare on Thursday disclosed that it mitigated the largest ever volumetric distributed denial of service DDoS attack recorded to date. The attack, launched via a Mirai botnet, is said to have targeted an unnamed customer in the financial industr...

Backdoor.Win32.Zdemon.126 Remote Command Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/cedc886b593f013133df39bb6b43a762.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zdemon.126 Vulnerability: Unauthenticated Remote Command Execution Description: Zdemo...

Stantinko Botnet Now Targeting Linux Servers to Hide Behind Proxies

An adware and coin-miner botnet targeting Russia, Ukraine, Belarus, and Kazakhstan at least since 2012 has now set its sights on Linux servers to fly under the radar. According to a new analysis published by Intezer today and shared with The Hacker News, the trojan masquerades as HTTPd, a commonl...

Ransom Where? Malicious Cryptocurrency Miners Takeover, Generating Millions

The Dark Side of the Digital Gold Rush This post was authored by Nick Biasini, Edmund Brumaghin, Warren Mercer and Josh Reynolds with contributions from Azim Khodijbaev and David Liebenberg. Executive Summary The threat landscape is constantly changing; over the last few years malware threat...

Bad Rabbit – Ransomware

updated: 10/26/2017 with additional file hashes and mitigations A new ransomware campaign has affected at least three Russian media companies in a fast-spreading malware attack. Fontanka and Interfax are among the companies affected by the Bad Rabbit ransomware named by the researchers who first...

DLink DSL-2640U - Unauthenticated DNS Change Exploit

shell !/bin/bash D-Link ADSL DSL-2640U IM1.00 Unauthenticated Remote DNS Change Exploit Copyright 2017 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Description: The vulnerability exist in the web interface, which is accessible without authentication. Onc...

iBall Baton iB-WRA150N - DNS Change

!/bin/bash iBall Baton iB-WRA150N Unauthenticated Remote DNS Change Exploit Copyright 2016 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Description: The vulnerability exist in the web interface, which is accessible without authentication. Once modified,...

Pirelli DRG A115 ADSL Router - Unauthenticated DNS Change Exploit

Exploit for hardware platform in category web applications !/bin/bash Pirelli DRG A115 ADSL Router Unauthenticated Remote DNS Change Exploit Copyright 2017 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Description: The vulnerability exist in the web...

Tenda ADSL2/2+ Modem D840R - DNS Change

!/bin/bash Tenda ADSL2/2+ Modem D840R Unauthenticated Remote DNS Change Exploit Copyright 2017 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Description: The vulnerability exist in the web interface, which is accessible without authentication. Once...

Inteno EG101R1 VoIP Router - DNS Change

Inteno EG101R1 VoIP Router - DNS Change !/bin/bash Inteno EG101R1 VoIP Router Unauthenticated Remote DNS Change Exploit Copyright 2016 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Description: The vulnerability exist in the web interface, which is...