“Your shipment has arrived” email hides remote access software
An attachment in an email impersonating DHL about a shipment contains a link to a preconfigured SimpleHelp remote access tool—an ideal starting point for attackers to explore a network, steal data, and drop additional malware. A German industrial spare parts and equipment supplier received an ema...
Bogus Avast website fakes virus scan, installs Venom Stealer instead
A fake website impersonating Avast antivirus is tricking people into infecting their own computers. The site looks legitimate, runs what appears to be a virus scan, and claims your system is full of threats. But the results are fake: when you’re prompted to “fix” the problem, the download you’re...
Malicious code in requests-testik111 (PyPI)
Source: kam193 72561775d8d7a7c1e47c83f2a7e13ed9eeb776d05ca6924cfcceaca7cad0cfef Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...
Malicious code in rowrapee (PyPI)
Source: kam193 398cfbdac2d3602a5c9836408942993c3f2bbcda911184825f01cf9937fb035e The package hides code to download and start a malicious script containing malware, identified as adware. The triggering method seems to be a PTH file, although it...
Malicious code in roboat (PyPI)
Source: kam193 f04db4869c9e981873683b537f335c1f25c7c17c283315859699855a9c20816b During installation, the code attempts to download and start malware. Connected with the campaign based on the time correlation and other packages published by...
Malicious code in requests-core-plugin (PyPI)
Source: kam193 f7d809caa4cb4961377b3c02a06f90ce19136a36297191248a8c6cd289a809f2 During installation, the package loads obfuscated code that then downloads and starts an executable. The final executable is identified as malware and appears to...
CVE-2026-0508 Open Redirect vulnerability in SAP BusinessObjects Business Intelligence Platform
The SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker with high privileges to insert a malicious URL within the application. Upon successful exploitation, the victim may click on this malicious URL, resulting in an unvalidated redirect to the attacker-controlled...
PT-2026-7206
Name of the Vulnerable Software and Affected Versions SAP BusinessObjects Business Intelligence Platform affected versions not specified Description An authenticated attacker with high privileges can insert a malicious URL within the application. Successful exploitation may result in an unvalidat...
CVE-2026-20056
A vulnerability in the Dynamic Vectoring and Streaming DVS Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malicious archive files to be downloaded. This vulnerability is du...
CVE-2026-20056 Cisco Secure Web Appliance TBD Bypass Vulnerability
A vulnerability in the Dynamic Vectoring and Streaming DVS Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malicious archive files to be downloaded. This vulnerability is du...
EUVD-2026-5425
A vulnerability in the Dynamic Vectoring and Streaming DVS Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malicious archive files to be downloaded. This vulnerability is du...
Cisco Secure Web Appliance Real-Time Scanning Archive File Bypass Vulnerability
A vulnerability in the Dynamic Vectoring and Streaming DVS Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malicious archive files to be downloaded. This vulnerability is du...
PT-2026-6079
Name of the Vulnerable Software and Affected Versions Cisco AsyncOS Software for Cisco Secure Web Appliance affected versions not specified Description A flaw in the Dynamic Vectoring and Streaming DVS Engine implementation may allow a remote, unauthenticated attacker to circumvent the anti-malwa...
Exploit for CVE-2025-66478
CVE-2025-66478 – Next.js Server Actions RCE Vulnerability: Ana...
MAL-2025-191919 Malicious code in uzip (PyPI)
Source: kam193 ee20087db4a86ce68765ba8046732e8f1fc906c58a0303e836429a63788dc97f During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
MAL-2025-191850 Malicious code in quicksort-pro (PyPI)
Source: kam193 d58062fd8cad559810255c4386b2acbeda83096e2999ea1172b10d0d7af008cb Importing the module downloads and executes an executable with malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
EUVD-2020-20581
Malware in sbrugna...
EUVD-2019-2669
Malware in sbrugna...