Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos
The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. "The attack targets Python projects — including Django apps, ML research code, Streamlit dashboards, and PyPI packages — by...
CVE-2019-25261
AnyDesk 5.4.0 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially inject malicious executables. Attackers can exploit the unquoted binary path to place malicious files in service executable locations, potentially gaining...
PT-2026-4654
Magic Mouse 2 Utilities 2.20 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path to inject malicious executables and gain elevated system privileges by placing a malicious file in the service path...
PT-2026-3837
OKI Print Job Accounting 4.4.10 contains an unquoted service path vulnerability in the OkiJaSvc service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Okidata\Print Job Accounting' to inject malicious executables and...
Malware Injection
prebid-universal-creative is vulnerable to malware injection. The vulnerability is due to the inclusion of crypto-related malicious code in the latest release, which allows an attacker to execute unauthorized cryptocurrency-related operations on affected systems...
EUVD-2022-42570
Malicious code in bioql PyPI...
Ruckus Wireless ICX Switches Path Traversal (CVE-2024-50607)
The following vulnerabilities are found in the RUCKUS FastIron firmware that runs on the RUCKUS ICX product line: - CVE-2024-50607: Directory traversal vulnerability - CVE-2024-50604: Insufficient validation for software component integrity check Collectively, these vulnerabilities can allow an...
Ruckus Wireless ICX Switches Improper Validation of Integrity Check Value (CVE-2024-50604)
The following vulnerabilities are found in the RUCKUS FastIron firmware that runs on the RUCKUS ICX product line: - CVE-2024-50607: Directory traversal vulnerability - CVE-2024-50604: Insufficient validation for software component integrity check Collectively, these vulnerabilities can allow an...
CVE-2025-54792 LocalSend is Vulnerable to Man-in-the-Middle Attacks, Leading to File Interception
LocalSend is an open-source app to securely share files and messages with nearby devices over local networks without needing an internet connection. In versions 1.16.1 and below, a critical Man-in-the-Middle (MitM) vulnerability in the software's discovery protocol allows an unauthenticated attacke...
Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month
Cybersecurity researchers are calling attention to a "large-scale campaign" that has been observed compromising legitimate websites with malicious JavaScript injections. According to Palo Alto Networks Unit 42, these malicious injects are obfuscated using JSFuck, which refers to an "esoteric and...
PT-2025-24404
Name of the Vulnerable Software and Affected Versions: Insyde H2O UEFI firmware (affected versions not specified). Description: A flaw exists in the digital signature verification process within Insyde H2O UEFI firmware. This issue does not properly validate variable attributes, allowing an attacker t...
CVE-2024-57428
A stored cross-site scripting (XSS) vulnerability in PHPJabbers Cinema Booking System v2.0 exists due to unsanitized input in file upload fields (event_img, seat_maps) and seat number configurations (number[new_X]) in pjActionCreate. Attackers can inject persistent JavaScript, leading to phishing, malware...
PT-2025-5832 · Phpjabbers · Phpjabbers Cinema Booking System
Name of the Vulnerable Software and Affected Versions: PHPJabbers Cinema Booking System version 2.0 Description: A stored cross-site scripting (XSS) issue exists due to unsanitized input in file upload fields (event_img, seat_maps) and seat number configurations (number[new_X]) in pjActionCreate. This...
CVE-2024-57428
PHPJabbers Cinema Booking System v2.0 is affected by a stored XSS due to unsanitized input in file uploads (event_img, seat_maps) and in seat number configurations (number[new_X] in pjActionCreate). This enables injection of persistent JavaScript for phishing, malware injection, and session hijac...
PHPJabbers Cinema Booking System 2.0 Cross Site Scripting
PHPJabbers Cinema Booking System version 2.0 suffers from both reflective and persistent cross site scripting vulnerabilities. CVE-2024-57428 A stored cross-site scripting (XSS) vulnerability in PHPJabbers Cinema Booking System v2.0 exists due to unsanitized input in file upload fields event_img,...
GHSA-CVW4-C69G-7V7M Inclusion of Untrusted polyfill.io Code Vulnerability in fides.js
Note On Thursday, June 27, 2024, Cloudflare and Namecheap intervened at a domain level to ensure polyfill.io and its subdomains could not resolve to the compromised service, rendering this vulnerability unexploitable. The following sections describe this vulnerability prior to the domain level...
Polyfill Detected
The polyfill.js file is a popular open-source library used to ensure compatibility with old browsers when evaluating JavaScript code. Starting February 2024, the domain polyfill.io and the related GitHub account were purchased by a malicious threat actor to inject malware into all web applications...