Malicious code in npm-sandbox-research-8b2f (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 916280d3906e0f04caa7f46135039e4a42b03a5c96091c1555ad2ab0e86b923b On install, package.json runs postinstall: node run.js, which loads beacon scripts beacon8.js, beaconlinux.js that import childprocess, os, and http,...

Malicious code in quicksolving (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 334524bfbf6438acc5016e76054740cdb532bdd9921695cbcc1852c568226708 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-2821 Malicious code in robase-quick-install (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f69377c01d5c0980cb9bf905be35133e5cd077e7c64c577460dc06e3871c2d9e During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in databaselooks (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 dd73d73ace43286d9d97ccebb1f758b52cfd114774b862c5b568a7d1151d0112 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-2179 Malicious code in python-glue (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 df7fb99f81d8afd1a93e643a95ebb6d2a873e73b15ae8c6fada22746ccf7037f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-869 Malicious code in ritch (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bc0d5c6c0c3175de2d5def02fe422574cfee5f7fe3a88f894de7122aa9dcf588 Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

Malicious code in ritch (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bc0d5c6c0c3175de2d5def02fe422574cfee5f7fe3a88f894de7122aa9dcf588 Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

Malicious code in userver-requires-at-least-python-3-10 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 482925eb73388f3c834ceef6db5714f819970521367f7129878e38afbaa08bf0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

The vulnerability of the Fortinet FortiClient security device arises from improper verification of the cryptographic signature. This allows attackers to compromise the confidentiality, integrity, and accessibility of information.

The vulnerability of the Fortinet FortiClient security tool is related to incorrect verification of the cryptographic signature. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of information by replacing the installer with a...

Malicious code in bo3to (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 131072b5bfcd4ce6218aaec66423046b83d0e49904d5992b26192daa201421bd During installation, a cryptominer is secretly installed and started. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...

Xiaomi Mi App Store 输入验证错误漏洞

A security vulnerability exists in Xiaomi Mi App Store, an app store of Xiaomi, a Chinese company. The vulnerability is due to the Xiaomi App Store not verifying the validity of incoming data, which could be exploited by an attacker to cause the app store to automatically download and install app...

CVE-2021-30359

The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during the installation. Because the MS Installer allows regular users to repair their installation, an attacker running an installer before 90.08.7405 can start the installation...

CVE-2021-25281

An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheelasync client. Thus, an attacker can remotely run any wheel modules on the master. Recent assessments: kevthehermit at February 26, 2021 5:08pm UTC reported: Vulnerability This...

Unspecified Vulnerability in Samsung A7

The Samsung A7 is a smartphone from the South Korean company Samsung Samsung. A security vulnerability in the Samsung A7 build fingerprint: samsung/a7y17ltexx/a7y17lte:8.0.0/R16NW/A720FXXU7CSC2:user/release-keys in the com.samsung.android. A security vulnerability exists in the themecenter app. A...

Apple Patches KRACK Vulnerability in iOS 11.1

Apple has patched iOS, macOS and other products to protect against the KRACK vulnerability recently disclosed in the WPA2 Wi-Fi security protocol. KRACK, short for key re-installation attack, allows an attacker within range of a victim’s Wi-Fi network to read encrypted traffic with varying degree...