Lucene search
K

46 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 5:37 p.m.11 views

Malicious code in open-agents-ai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ecd54a57bfc95ce17e9e2279808810d09bb3285a15af6198f9f40f7a8f5307f7 package.json declares both preinstall and postinstall lifecycle hooks that invoke curl, and ships dist/postinstall-daemon.cjs — a Node script that...

5.8AI score
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-6806

Malicious code in bioql PyPI...

9CVSS6.6AI score0.00162EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/07/21 12:0 a.m.4 views

PhishIntentionLLM: Uncovering Phishing Website Intentions through Multi-Agent Retrieval-Augmented Generation

Phishing websites remain a major cybersecurity threat, yet existing methods primarily focus on detection, while the recognition of underlying malicious intentions remains largely unexplored. To address this gap, we propose PhishIntentionLLM, a multi-agent retrieval-augmented generation RAG...

6.8AI score
Exploits0
Github Security Blog
Github Security Blog
added 2025/01/27 12:30 p.m.10 views

uniapi version 1.0.7 contained an information harvesting script.

uniapi version 1.0.7 introduces code that would execute on import of the module and download a script from a remote URL, and would then execute the downloaded script in a thread. The downloaded script would harvest system information and POST the information to another remote URL. This code was...

7.2AI score
Exploits0References4Affected Software1
OSV
OSV
added 2025/01/27 12:30 p.m.3 views

GHSA-GVVW-RR8M-FJ76 uniapi version 1.0.7 contained an information harvesting script.

uniapi version 1.0.7 introduces code that would execute on import of the module and download a script from a remote URL, and would then execute the downloaded script in a thread. The downloaded script would harvest system information and POST the information to another remote URL. This code was...

7.2AI score
Exploits0References3
PyPA
PyPA
added 2025/01/24 7:56 p.m.12 views

uniapi version 1.0.7 contained an information harvesting script.

uniapi version 1.0.7 introduces code that would executeon import of the module and download a script from a remote URL,and would then execute the downloaded script in a thread.The downloaded script would harvest system informationand POST the information to another remote URL.This code was found ...

7AI score
Exploits0References2Affected Software1
OSV
OSV
added 2025/01/24 7:56 p.m.4 views

PYSEC-2025-2 uniapi version 1.0.7 contained an information harvesting script.

uniapi version 1.0.7 introduces code that would execute on import of the module and download a script from a remote URL, and would then execute the downloaded script in a thread. The downloaded script would harvest system information and POST the information to another remote URL. This code was...

7.3AI score
Exploits0References2
The Hacker News
The Hacker News
added 2023/09/09 8:14 a.m.47 views

Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play

Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store that's designed to harvest sensitive information from compromised Android devices. According to Kaspersky security researcher Igor Golovin, the apps come with nefarious features to capture and...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/09/04 8:40 a.m.71 views

Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising

Malicious actors associated with the Vietnamese cybercrime ecosystem are leveraging advertising-as-a-vector on social media platforms such as Meta-owned Facebook to distribute malware. "Threat actors have long used fraudulent ads as a vector to target victims with scams, malvertising, and more,"...

7.5AI score
Exploits0
Huntr
Huntr
added 2023/04/05 10:55 a.m.19 views

Attached files under salaries module can be harvested by unauthenticated users

Description File attachment under salaries module can be downloaded and viewed by anyone without authentication by just knowing the full path /assets/FileUploads/2022/staff2/ and the predictable filename contains date YYYY-MM-DD and a random 6 digit number which can be easily enumerated by...

5CVSS6.4AI score0.00613EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/03/08 7:57 a.m.42 views

Sharp Panda Using New Soul Framework Version to Target Southeast Asian Governments

High-profile government entities in Southeast Asia are the target of a cyber espionage campaign undertaken by a Chinese threat actor known as Sharp Panda since late last year. The intrusions are characterized by the use of a new version of the Soul modular framework, marking a departure from the...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/10/26 1:37 p.m.43 views

Unknown Actors are Deploying RomCom RAT to Target Ukrainian Military

The threat actor behind a remote access trojan called RomCom RAT has been observed targeting Ukrainian military institutions as part of a new spear-phishing campaign that commenced on October 21, 2022. The development marks a shift in the attacker's modus operandi, which has been previously...

1.5AI score
Exploits0
The Hacker News
The Hacker News
added 2022/07/08 10:50 a.m.29 views

Experts Uncover 350 Browser Extension Variants Used in ABCsoup Adware Campaign

A malicious browser extension with 350 variants is masquerading as a Google Translate add-on as part of an adware campaign targeting Russian users of Google Chrome, Opera, and Mozilla Firefox browsers. Mobile security firm Zimperium dubbed the malware family ABCsoup, stating the "extensions are...

1.9AI score
Exploits0
ThreatPost
ThreatPost
added 2020/08/14 8:18 p.m.140 views

Mac Users Targeted by Spyware Spreading via Xcode Projects

A campaign aimed at Mac users is spreading the XCSSET suite of malware, which has the capability to hijack the Safari web browser and inject various JavaScript payloads that can steal passwords, financial data and personal information, deploy ransomware and more. Infections are propagating via...

Exploits0References5
Prion
Prion
added 2020/05/04 2:15 p.m.20 views

Default credentials

The OKLOK 3.1.1 mobile companion app for Fingerprint Bluetooth Padlock FB50 2.3 allows remote attackers to submit API requests using authenticated but unauthorized tokens, resulting in IDOR issues. A remote attacker can use their own token to make unauthorized API requests on behalf of arbitrary...

4CVSS6.5AI score0.01022EPSS
Exploits1References1Affected Software1
Trellix
Trellix
added 2019/11/08 12:0 a.m.16 views

Spanish MSSP Targeted by BitPaymer Ransomware

ARCHIVED STORY Spanish MSSP Targeted by BitPaymer Ransomware By ATR Operational Intelligence Team · November 08, 2019 Co-authored by Marc RiveroLopez Initial Discovery This week the news hit that several companies in Spain were hit by a ransomware attack. Ransomware attacks themselves are not new...

0.5AI score
Exploits0
CVE
CVE
added 2018/07/27 1:0 p.m.75 views

CVE-2017-2639

CloudForms Management Engine is affected by CVE-2017-2639, where it does not verify that the server hostname matches the domain name in the certificate when using a custom CA with connections to RHEV/OpenShift. This can allow an attacker to spoof RHEV/OpenShift systems and potentially harvest sen...

7.5CVSS7.3AI score0.01137EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/03/31 12:0 a.m.8 views

WebDAV

Web Distributed Authoring and Versioning WebDAV is a facility that enables basic file management reading and writing to a web server. It essentially allows the webserver to be mounted by the client as a traditional file system allowing users a very simplistic means to access it as they would any...

7AI score
Exploits0References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.10 views

HTTP 1.1 GET Request Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39590/info The HTTP application is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary local files and...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.10 views

Ziggurrat Farsi CMS 'bck' Parameter Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39534/info Ziggurat Farsi CMS is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary files within the...

7.1AI score
Exploits0
Rows per page
Query Builder