Malicious Package
Overview prompt-engineering-toolkit is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
GIMP Security Vulnerability
GIMP is an open-source bitmap image editor developed by the GIMP team. GIMP has a security vulnerability, which allows attackers to exploit related vulnerabilities for malicious purposes...
Deepfake ‘Nudify’ Technology Is Getting Darker—and More Dangerous
Sexual deepfakes continue to get more sophisticated, capable, easy to access, and perilous for millions of women who are abused with the technology...
Malicious Package
Overview viktor-xml-parser is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EvilOSX
This is an evil RAT (Remote Administration Tool) for macOS / OS X. It is a Python-based tool that allows for remote access and control of a compromised system. The tool is designed to be undetectable by anti-virus software and is persistent, meaning it will survive a reboot. The tool has a modular...
CISA Has a New Road Map for Handling Weaponized AI
In its plans to implement a White House executive order, CISA aims to strike a balance between promoting AI adoption for national security and defending against its malicious use...
Microsoft Releases Patches for 132 Vulnerabilities, Including 6 Under Active Attack
Microsoft on Tuesday released updates to address a total of 132 new security flaws spanning its software, including six zero-day flaws that it said have been actively exploited in the wild. Of the 132 vulnerabilities, nine are rated Critical, 122 are rated Important in severity, and one has been...
sellRewards() might be used to steal collaterals/rewards by malicious guardians or sellers.
Lines of code Vulnerability details Impact Malicious guardians or sellers might steal funds using sellRewards. Proof of Concept sellRewards is used to buy collaterals using rewardsagToken through 1inch router. function sellRewards(uint256 minAmountOut, bytes memory payload) external returns (uint256...
GitHub revokes several certificates after unauthorized access
In a call to action, GitHub warned users of GitHub Desktop for Mac and Atom that it will revoke certificates which were exposed during unauthorized access to a set of repositories used in the planning and development of GitHub Desktop and Atom. Revoking these certificates will invalidate some...
Email-Worm.Win32.Kipis.c MVID-2022-0652 File Write / Code Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/8d0df60c96e4011c312d61ed3e6dc70e.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Email-Worm.Win32.Kipis.c Vulnerability: Remote File Write Code Execution Description: The...
RedLine.MainPanel Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/baf102927947289e4d589028620ce291.txt Contact: [email protected] Media: twitter.com/malvuln Threat: RedLine.MainPanel - cracked.exe Vulnerability: Insecure Permissions Description: The malware writes ...
Backdoor.Win32.WinShell.50 Weak Hardcoded Password
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/1fd45364073a81ddd707d74ba5d4c121.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.WinShell.50 Vulnerability: Weak Hardcoded Password Description: The malware listens o...
Backdoor.Win32.Hupigon.afjk Authentication Bypass / Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/80b0fc8c0657c0ae7971f09af45c706bC.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.afjk Vulnerability: Authentication Bypass RCE Description: The malware runs ...
Backdoor.Win32.Delf.um Authentication Bypass / Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d5256768a01a0e7c2ad5ba1264777f71.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Delf.um Vulnerability: Authentication Bypass RCE Description: The malware runs an FTP...
MS17-010
This repository is for public analysis of the MS17-010 vulnerability. The repository contains various proof-of-concept (PoC) exploits and scripts for exploiting the vulnerability, which affects the Windows SMB protocol. The exploits are designed to demonstrate the vulnerability's impact and are not...
Mozilla permanently shuts down Notes & Send over malicious use
By Waqas Reportedly, people were using these services for malicious purposes especially launching phishing and malware attacks. This is a post from HackRead.com Read the original post: Mozilla permanently shuts down Notes & Send over malicious use...
Adobe Prompts Users to Uninstall Flash Player As EOL Date Looms
With Flash Player’s Dec. 31, 2020 kill date quickly approaching, Adobe said that it will start prompting users to uninstall the software in the coming months. The End of Life (EOL) timeline has been a long time coming. Adobe first announced in July 2017 that it will no longer update or distribute...
Removing the jam in your printer security
Printers are an important, invisible—albeit sometimes loud—component of the office. But all too often they’re filled with mystery meat icons, peculiar blinking lights, or error messages with no instruction manual to hand. No problem, you can just print at the next station! Wrong. Printers also...
Bring Your Own Land (BYOL) – A Novel Red Teaming Technique
Introduction One of the most significant recent developments in sophisticated offensive operations is the use of “Living off the Land” (LotL) techniques by attackers. These techniques leverage legitimate tools present on the system, such as the PowerShell scripting language, in order to execute attacks...
Windows: NPFS Symlink Security Feature Bypass/Elevation of Privilege/Dangerous Behavior(CVE-2018-0823)
Windows: NPFS Symlink Security Feature Bypass/Elevation of Privilege/Dangerous Behavior Platform: Windows 10 1709 (functionality not present prior to this version) Class: Security Feature Bypass/Elevation of Privilege/Dangerous Behavior Summary: It’s possible to create NPFS symlinks as a low IL or...