Lucene search
+L

41 matches found

HackRead
HackRead
added 2025/02/04 12:0 a.m.9 views

Hackers Hide Malware in Fake DeepSeek PyPI Packages

Malicious DeepSeek packages on PyPI spread malware, stealing sensitive data like API keys. Learn how this attack targeted developers and how to protect yourself...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/29 7:5 a.m.27 views

'Stargazer Goblin' Creates 3,000 Fake GitHub Accounts for Malware Spread

A threat actor known as Stargazer Goblin has set up a network of inauthentic GitHub accounts to fuel a Distribution-as-a-Service DaaS that propagates a variety of information-stealing malware and netting them $100,000 in illicit profits over the past year. The network, which comprises over 3,000...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/04 9:22 a.m.30 views

Over 100 Malicious AI/ML Models Found on Hugging Face Platform

As many as 100 malicious artificial intelligence AI/machine learning ML models have been discovered in the Hugging Face platform. These include instances where loading a pickle file leads to code execution, software supply chain security firm JFrog said. "The model's payload grants the attacker a...

8.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/07/19 12:0 a.m.10 views

PT-2023-3875

Name of the Vulnerable Software and Affected Versions MikroTik RouterOS versions prior to 6.49.7 MikroTik RouterOS long-term versions prior to 6.48.7 Description The issue is related to a privilege escalation problem in the Winbox and HTTP interfaces of MikroTik RouterOS. A remote and authenticat...

9.1CVSS8.3AI score0.01313EPSS
Exploits0References27
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/02/25 11:18 p.m.3 views

Malicious code in tpstudyed (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx e23727ae8a6fc41ea3192f6364598d22b82aa7e1f285f40cfc9cb7baedda86a8 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/02/25 11:3 p.m.3 views

Malicious code in libmineurl (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx ee5b64de705122b5e4c366fad9b7d00ad56081a9a41e34b18897bdd017782c69 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

7AI score
Exploits0References1
Hacker One
Hacker One
added 2022/12/03 6:16 p.m.17 views

Brave Software: S3 Bucket Takeover : brave-apt

An unclaimed S3 bucket was found on the domain brave.com, which was being used in the installation of brave-browser in Linux distros. An attacker could have taken over the S3 bucket and used it to spread malware or create a fake login page to spoof users. The vulnerability was reported to the...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/26 10:0 a.m.76 views

A week in security (September 19 – 25)

Last week on Malwarebytes Labs: Hookup site targeted by typo-squatters American Airlines suffers data breach after phishing incident Grand Theft Auto 6 suffers grand theft EDR vs MDR vs XDR - Whats the Difference? Scammers send fake 'Energy Bills Support Scheme' texts Tax refund phish logs...

1.1AI score
Exploits0
The Hacker News
The Hacker News
added 2020/03/30 10:0 a.m.70 views

COVID-19: Hackers Begin Exploiting Zoom's Overnight Success to Spread Malware

As people increasingly work from home and online communication platforms such as Zoom explode in popularity in the wake of coronavirus outbreak, cybercriminals are taking advantage of the spike in usage by registering new fake "Zoom" domains and malicious "Zoom" executable files in an attempt to...

6.9AI score
Exploits0
HackRead
HackRead
added 2020/02/05 7:49 p.m.31 views

Hackers can use flaw in Philips smart light bulbs to spread malware

By Sudais Asif Hackers can use this vulnerability to carry out a wide range of cyber attacks including ransomware infection. This is a post from HackRead.com Read the original post: Hackers can use flaw in Philips smart light bulbs to spread malware...

1.6AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2019/09/20 12:6 a.m.66 views

We All Could Pay a Price for the Latest Slap at Huawei

An international cybersecurity group has evicted the Chinese telecom company to comply with US sanctions. That could allow malware to spread more easily...

2.3AI score
Exploits0
ThreatPost
ThreatPost
added 2019/09/16 1:13 p.m.51 views

New Threat Actor Fraudulently Buys Digital Certificates to Spread Malware

Researchers have identified a new threat actor that is using impersonation fraud to purchase digital certificates that are then used for the spread of malware. Security firm ReversingLabs identified a bad actor that deceives certificate authorities into selling them legitimate digital certificate...

0.2AI score
Exploits0References7
Krebs on Security
Krebs on Security
added 2019/05/30 10:21 p.m.82 views

Canada Uses Civil Anti-Spam Law in Bid to Fine Malware Purveyors

Canadian government regulators are using the country's powerful new anti-spam law to pursue hefty fines of up to a million dollars against Canadian citizens suspected of helping to spread malicious software. In March 2019, the Canadian Radio-television and Telecommunications Commission CRTC --...

6.8AI score
Exploits0
CNVD
CNVD
added 2017/06/09 12:0 a.m.3 views

Foscam camera FTP Server Account Empty Password Vulnerability

Foscam camera is a webcam that pushes messages to your phone and also enables video Baidu cloud storage directly through WIFI. Foscam camera FTP server has an account empty password vulnerability, due to the user account of the built-in FTP server is empty password. Attackers can then access the...

7.2AI score
Exploits0References1
Web Security Log
Web Security Log
added 2016/11/07 7:53 a.m.20 views

WhatsApp : XSS vulnerability can be misused for Spreading Malware

WhatsApp XSS vulnerability can be misused for Spreading Malware Little Insight: According to FACEBOOK,This XSS could take advantage of the known domain to make phishing attacks easier or can be misused for Spreading Malware Reward For Whatsapp XSS Vulnerability : 1000$ My Finding.... Domain:...

6.4AI score
Exploits0
Hacker One
Hacker One
added 2015/10/04 11:17 p.m.34 views

Automattic: CSV Injection in polldaddy.com

Hello, We can inject commands in any fields of a member in an email group =210 for example, and when it's exported to CSV it will be evaluated to 20 in the corresponding cell, this enables an attacker to spread malware and execute system level commands on a victim's machine if the victim download...

1AI score
Exploits0
Hacker One
Hacker One
added 2015/10/04 10:34 p.m.28 views

Trello: CSV Injection

Hello, We can inject commands in the name field of a board =210 for example, and when it's exported to CSV it will be evaluated to 20 in the corresponding cell, this enables an attacker to spread malware and execute system level commands on a victim's machine if the victim downloaded the CSV file...

7.1AI score
Exploits0
Cisco Threats
Cisco Threats
added 2013/10/01 2:4 p.m.7 views

Threat Outbreak Alert: Fake Product Purchase Order Email Messages on October 1, 2013

Medium Alert ID: 31068 First Published: 2013 October 1 14:04 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a product order for the recipient. The text in the email message attempts to convince the recipient to open the...

0.3AI score
Exploits0
ThreatPost
ThreatPost
added 2012/01/05 3:27 p.m.13 views

New Ramnit Variant Is Stealing Facebook Credentials

The Ramnit worm, which was first detected more than 18 months ago, has continued to evolve and now has spawned a version that is targeting victims’ Facebook credentials, and with great success. Researchers at Seculert in Israel have found a variant of Ramnit that is stealing those credentials and...

1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2010/07/14 5:3 p.m.21 views

Spammers Moving to Disposable Domains

Spammers and the botnet operators they’re allied with are continuing to adapt their techniques to evade security technologies, and now are using what amount to disposable domains for their activities. A new report shows that the spammers are buying dozens of domains at a time and moving from one ...

Exploits0References3
Rows per page
Query Builder