30 matches found
EUVD-2006-4314
Malware in sbrugna...
EUVD-2015-8847
Malware in sbrugna...
EUVD-2016-1440
Malware in sbrugna...
EUVD-2019-13228
Malware in sbrugna...
EUVD-2024-49349
Malicious code in bioql PyPI...
EUVD-2022-40007
Malicious code in bioql PyPI...
EUVD-2025-4639
Malicious code in bioql PyPI...
Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure
CVE-2025-22457: Critical Ivanti Connect Secure Vulnerability ⚡...
PT-2025-27478
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 138.0.7204.96. Description: A type confusion issue exists in the V8 JavaScript engine, which is used to execute web pages and applications. This flaw allows a remote attacker to perform arbitrary read and write...
PyPI, npm, and AI Tools Exploited in Malware Surge Targeting DevOps and Cloud Environments
Cybersecurity researchers from SafeDep and Veracode detailed a number of malware-laced npm packages that are designed to execute remote code and download additional payloads. The packages in question are listed below - eslint-config-airbnb-compat 676 Downloads ts-runtime-compat-check 1,588...
PT-2025-16002 · Palo Alto Networks · Palo Alto Networks Cortex Xdr Agent
Name of the Vulnerable Software and Affected Versions: Palo Alto Networks Cortex XDR agent (affected versions not specified). Description: A null pointer dereference issue in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low-privileged local Windows user to crash the agent...
Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp
The threat actors behind the zero-day exploitation of a recently-patched security vulnerability in Microsoft Windows have been found to deliver two new backdoors called SilentPrism and DarkWisp. The activity has been attributed to a suspected Russian hacking group called Water Gamayun, which is...
Should a VM specialist be aware of what is happening in the Darknet?
Should a VM specialist be aware of what is happening in the Darknet? Of course. At least roughly. Otherwise, he'll fall for the "nobody’s attacking us" myth. The reality is that every organization is under attack all the time. It's like commercial fishing with trawlers. Anything that gets caught ...
Abusing VBS Enclaves to Create Evasive Malware
...
CVE-2025-0112
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. This vulnerability can also be leveraged by malware to disable the Cortex XDR agent and then perform malicious activit...
CVE-2025-0112 Cortex XDR Agent: Local Windows User Can Disable the Agent
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. This vulnerability can also be leveraged by malware to disable the Cortex XDR agent and then perform malicious activit...
Scammers Exploit JFK Files Release with Malware and Phishing
Veriti Research reported a developing cyber threat campaign centred around the declassification and release of the RFK, MLK…...
PT-2025-1003
Name of the Vulnerable Software and Affected Versions: Ivanti Connect Secure versions prior to 22.7R2.5; Ivanti Policy Secure versions prior to 22.7R1.2; Ivanti Neurons for ZTA gateways versions prior to 22.7R2.3. Description: A stack-based buffer overflow in Ivanti Connect Secure, Policy Secure, and...
Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials
A threat actor known as BrazenBamboo has exploited an unresolved security flaw in Fortinet's FortiClient for Windows to extract VPN credentials as part of a modular framework called DEEPDATA. Volexity, which disclosed the findings Friday, said it identified the zero-day exploitation of the...