Lucene search
K

14 matches found

OSV
OSV
added 2026/03/03 7:19 p.m.7 views

MAL-2026-1226 Malicious code in qwery-core (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c4861116d64db41be8bae04818ecc9f3542fe4bc30055d57588f6f23c11149f3 Obfuscated downloader of encrypted code, compiled to native binary. The remote URL has to be provided to the binary. Likely impersonates legitimate npm library...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/14 2:2 a.m.12 views

Malicious code in magicwolf (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3d4f256ccd65da42e297351fbc7c15d4f3b25789c362d0d3419d580c4e07bf34 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...

6.4AI score
Exploits0References6
Snyk
Snyk
added 2025/09/15 7:39 a.m.2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

9.8CVSS7AI score
Exploits0References2
The Hacker News
The Hacker News
added 2025/08/28 5:10 p.m.6 views

Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names

Cybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to reuse names of previously removed extensions. Software supply chain security outfit ReversingLabs said it made the discovery after it identified a malicious extension named...

6.9AI score
Exploits0
Talos Blog
Talos Blog
added 2023/07/07 9:26 p.m.15 views

Threat Roundup for June 30 to July 7

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between June 30 and July 7. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

6.8AI score
Exploits0
Talos Blog
Talos Blog
added 2023/01/13 6:46 p.m.17 views

Threat Round up for January 6 to January 13

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between Jan. 6 and Jan. 13. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

0.2AI score
Exploits0
Talos Blog
Talos Blog
added 2022/12/16 7:29 p.m.48 views

Threat Round up for December 9 to December 16

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between Dec. 9 and Dec. 16. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

7.1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/11/18 5:42 p.m.21 views

Threat Round up for November 11 to 18

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between Nov. 11 and Nov. 18. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

7.1AI score
Exploits0
Talos Blog
Talos Blog
added 2020/01/17 2:55 p.m.112 views

Threat Roundup for January 10 to January 17

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 10 and Jan. 17. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

10CVSS0.2AI score0.99999EPSS
Exploits123
Check Point Advisories
Check Point Advisories
added 2017/06/13 12:0 a.m.2 views

Microsoft Office Malicious Macros

Microsoft Office files might contain a malicious downloader. A remote attacker could send spam e-mails including those downloaders, and use social engineering in order to convince users to manually enable them. This would allow the malicious code to run and infect the target system...

4.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2017/06/04 12:0 a.m.1 views

PowerPoint Malicious Hover Exploit

There exists a malicious downloader vulnerability in Microsoft Office PowerPoint. This is because of the way PowerPoint presentation format handles link hover. A successful attack could lead to malicious files being downloaded...

1.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2016/09/14 12:0 a.m.3 views

Suspicious Microsoft Publisher Mail Attachment

Microsoft Office Publisher files might contain a malicious downloader. A remote attacker could send spam e-mails including those downloaders, and use social engineering in order to convince users to manually enable them. This would allow the malicious code to run and infect the target system...

3.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2016/02/23 12:0 a.m.2 views

Microsoft Office Mail Attachment Containing Malicious Downloader

A Microsoft Office Mail attachment containing a malicious downloader was observed as part of Locky ransomware campaign. A remote attacker could send spam e-mails including those downloaders and convince users to manually enable them. This would allow the malicious code to run and infect the targe...

4.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2015/01/19 12:0 a.m.4 views

Microsoft Office Files Containing Malicious Downloader

Microsoft Office files might contain a malicious downloader. A remote attacker could send spam e-mails including those downloaders, and use social engineering in order to convince users to manually enable them. This would allow the malicious code to run and infect the target system...

3.9AI score
Exploits0
Rows per page
Query Builder