14 matches found
MAL-2026-1226 Malicious code in qwery-core (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c4861116d64db41be8bae04818ecc9f3542fe4bc30055d57588f6f23c11149f3 Obfuscated downloader of encrypted code, compiled to native binary. The remote URL has to be provided to the binary. Likely impersonates legitimate npm library...
Malicious code in magicwolf (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3d4f256ccd65da42e297351fbc7c15d4f3b25789c362d0d3419d580c4e07bf34 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names
Cybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to reuse names of previously removed extensions. Software supply chain security outfit ReversingLabs said it made the discovery after it identified a malicious extension named...
Threat Roundup for June 30 to July 7
Today, Talos is publishing a glimpse into the most prevalent threats weve observed between June 30 and July 7. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...
Threat Round up for January 6 to January 13
Today, Talos is publishing a glimpse into the most prevalent threats weve observed between Jan. 6 and Jan. 13. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...
Threat Round up for December 9 to December 16
Today, Talos is publishing a glimpse into the most prevalent threats weve observed between Dec. 9 and Dec. 16. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...
Threat Round up for November 11 to 18
Today, Talos is publishing a glimpse into the most prevalent threats weve observed between Nov. 11 and Nov. 18. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...
Threat Roundup for January 10 to January 17
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 10 and Jan. 17. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...
Microsoft Office Malicious Macros
Microsoft Office files might contain a malicious downloader. A remote attacker could send spam e-mails including those downloaders, and use social engineering in order to convince users to manually enable them. This would allow the malicious code to run and infect the target system...
PowerPoint Malicious Hover Exploit
There exists a malicious downloader vulnerability in Microsoft Office PowerPoint. This is because of the way PowerPoint presentation format handles link hover. A successful attack could lead to malicious files being downloaded...
Suspicious Microsoft Publisher Mail Attachment
Microsoft Office Publisher files might contain a malicious downloader. A remote attacker could send spam e-mails including those downloaders, and use social engineering in order to convince users to manually enable them. This would allow the malicious code to run and infect the target system...
Microsoft Office Mail Attachment Containing Malicious Downloader
A Microsoft Office Mail attachment containing a malicious downloader was observed as part of Locky ransomware campaign. A remote attacker could send spam e-mails including those downloaders and convince users to manually enable them. This would allow the malicious code to run and infect the targe...
Microsoft Office Files Containing Malicious Downloader
Microsoft Office files might contain a malicious downloader. A remote attacker could send spam e-mails including those downloaders, and use social engineering in order to convince users to manually enable them. This would allow the malicious code to run and infect the target system...