Lucene search
K

323 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/15 6:24 a.m.11 views

Malicious code in js-logger-pack (npm)

js-logger-pack is a fake npm logger that the attacker developed openly on the registry over 23 versions across two weeks 2026-04-01 to 2026-04-15. Version 1.1.20, published hours after initial detection, is a re-obfuscation of the same payload with a new hash — same C2, same capabilities. Early...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/14 5:42 a.m.5 views

Malicious code in svchost (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a56926028e7e253a1ffb3ba27d6514a5cbc6b23964d7e1094846a895dd322656 Code exfiltrates sensitive crypto wallet's files and sets up a keylogger trying to catch the password to the wallet --- Category: MALICIOUS - The campaign has...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/04/14 5:42 a.m.5 views

MAL-2026-2628 Malicious code in svchost (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a56926028e7e253a1ffb3ba27d6514a5cbc6b23964d7e1094846a895dd322656 Code exfiltrates sensitive crypto wallet's files and sets up a keylogger trying to catch the password to the wallet --- Category: MALICIOUS - The campaign has...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/14 5:35 a.m.9 views

Malicious code in pckg-sv (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2ae45d504dadccaa437ebeaa729136ca7b38074149772b076c7abb34ab1e81f4 Code exfiltrates sensitive crypto wallet's files and sets up a keylogger trying to catch the password to the wallet --- Category: MALICIOUS - The campaign has...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/04/14 5:35 a.m.4 views

MAL-2026-2627 Malicious code in pckg-sv (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2ae45d504dadccaa437ebeaa729136ca7b38074149772b076c7abb34ab1e81f4 Code exfiltrates sensitive crypto wallet's files and sets up a keylogger trying to catch the password to the wallet --- Category: MALICIOUS - The campaign has...

5.8AI score
Exploits0References1
Securelist
Securelist
added 2026/04/01 6:0 a.m.9 views

A laughing RAT: CrystalX combines spyware, stealer, and prankware features

Introduction In March 2026, we discovered an active campaign promoting previously unknown malware in private Telegram chats. The Trojan was offered as a MaaS malware‑as‑a‑service with three subscription tiers. It caught our attention because of its extensive arsenal of capabilities. On the panel...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/03 6:53 a.m.10 views

SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains

The threat activity cluster known as SloppyLemming has been attributed to a fresh set of attacks targeting government entities and critical infrastructure operators in Pakistan and Bangladesh. The activity, per Arctic Wolf, took place between January 2025 and January 2026. It involves the use of...

6.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/16 7:3 a.m.7 views

Malicious code in http-request-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 13b29a753802db633ab987963543535999a246049761d4d29699b66edf207f13 During import, package masquerade and starts an embedded executable. The executable has signs of infostealer activity --- Category: MALICIOUS - The campaign ha...

5.6AI score
Exploits0References2
OSV
OSV
added 2026/02/16 7:3 a.m.5 views

MAL-2026-912 Malicious code in http-request-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 13b29a753802db633ab987963543535999a246049761d4d29699b66edf207f13 During import, package masquerade and starts an embedded executable. The executable has signs of infostealer activity --- Category: MALICIOUS - The campaign ha...

5.7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/15 12:2 a.m.6 views

Malicious code in requests-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ccf88804317b4caf9661eb94c320a521f7689c5cf26a8754ec219d268fc9c873 During import, package masquerade and starts an embedded executable. The executable has signs of infostealer activity --- Category: MALICIOUS - The campaign ha...

5.6AI score
Exploits0References2
OSV
OSV
added 2026/02/15 12:2 a.m.13 views

MAL-2026-903 Malicious code in requests-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ccf88804317b4caf9661eb94c320a521f7689c5cf26a8754ec219d268fc9c873 During import, package masquerade and starts an embedded executable. The executable has signs of infostealer activity --- Category: MALICIOUS - The campaign ha...

5.6AI score
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-10244

Malware in sbrugna...

7.8CVSS7.7AI score0.0077EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-31116

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00118EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-31104

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.0067EPSS
Exploits0References3
NVD
NVD
added 2025/09/25 3:16 p.m.6 views

CVE-2025-10542

iMonitor EAM 9.6394 ships with default administrative credentials that are also displayed within the management client’s connection dialog. If the administrator does not change these defaults, a remote attacker can authenticate to the EAM server and gain full control over monitored agents and dat...

9.8CVSS0.0067EPSS
Exploits0References3
CVE
CVE
added 2025/09/25 2:5 p.m.11 views

CVE-2025-10540

iMonitor EAM 9.6394 transmits client/server and monitor/server communications in plaintext with no authentication. An attacker on the network can intercept credentials, keylogger data, PII, and data in transit, and can tamper with traffic, including issuing arbitrary commands to client agents. Do...

6.5CVSS6.7AI score0.00118EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/25 12:0 a.m.8 views

PT-2025-39391

Name of the Vulnerable Software and Affected Versions iMonitor EAM version 9.6394 Description The software ships with default administrative credentials that are displayed within the management client’s connection dialog. If the administrator does not change these defaults, a remote attacker can...

9.8CVSS6.9AI score0.0067EPSS
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/05 3:34 a.m.3 views

Malicious code in panel-keylogger-sim (npm)

The package panel-keylogger-sim was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ddef5ca6a0aead05fafecfc9b6500798ffcd3d1e85048cd8c193233715be20e4 Any computer that has this package installed or running should be considered fully...

6.9AI score
Exploits0References1
Snyk
Snyk
added 2025/09/05 3:34 a.m.2 views

Malicious Package

Overview panel-keylogger-sim is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
OSV
OSV
added 2025/09/05 3:34 a.m.3 views

MAL-2025-42156 Malicious code in panel-keylogger-sim (npm)

The package panel-keylogger-sim was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ddef5ca6a0aead05fafecfc9b6500798ffcd3d1e85048cd8c193233715be20e4 Any computer that has this package installed or running should be considered fully...

6.9AI score
Exploits0References1
Rows per page
Query Builder