Lucene search
K

42065 matches found

Circl
Circl
added 6 days ago9 views

CVE-2026-50229

creationtimestamp| type| source ---|---|--- 2026-06-29 21:40:40+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mphhbocbak2p 2026-06-29 22:19:25+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mphjgx4ff32q 2026-06-29 23:32:51+00:00| seen|...

6.1CVSS5.7AI score0.00357EPSS
Exploits0References8
Circl
Circl
added 6 days ago7 views

CVE-2026-55957

creationtimestamp| type| source ---|---|--- 2026-06-29 21:36:56+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mphh2yd4ic23 2026-06-29 22:43:44+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mphksgifwx23 2026-06-29 22:51:37+00:00| seen|...

7.3CVSS5.9AI score0.00431EPSS
Exploits0References11
Circl
Circl
added 6 days ago6 views

CVE-2026-57341

creationtimestamp| type| source ---|---|--- 2026-06-29 16:01:47+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mpgudozghx2b 2026-06-29 20:22:37+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mphcw47xbf22...

6.5CVSS5.8AI score0.00258EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-13742 Lack of signature verification before execution of downloaded content

Honeywell IQ MultiAccess, all versions prior to and including version 28, contain an improper digital signature verification vulnerability. An attacker could potentially exploit this vulnerability, leading to the replacement of downloaded file with a malicious one. Honeywell also recommends...

5.8CVSS0.00083EPSS
Exploits0References1
Circl
Circl
added 6 days ago7 views

CVE-2026-13513

creationtimestamp| type| source ---|---|--- 2026-06-29 00:28:28+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mpfa6sd5lg2m 2026-06-29 02:13:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpfg2pst3i2w...

5CVSS5.9AI score0.00133EPSS
Exploits0References2
Circl
Circl
added 6 days ago7 views

CVE-2026-13516

creationtimestamp| type| source ---|---|--- 2026-06-29 00:25:58+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mpfa2crs3e25 2026-06-29 04:58:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpfpbuujq62j 2026-06-29 06:00:27+00:00| seen|...

9CVSS7.3AI score0.00466EPSS
Exploits0References3
Circl
Circl
added last week7 views

CVE-2026-13508

creationtimestamp| type| source ---|---|--- 2026-06-28 23:39:58+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mpf5i3ikuf2s 2026-06-29 02:08:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpffrrfccn2x...

6.5CVSS6AI score0.00165EPSS
Exploits0References2
OSV
OSV
added 2026/06/28 11:3 a.m.6 views

MAL-2026-6558 Malicious code in fsociety-tools (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88731d75288f663967fc64dde12b04eb43a2eb3d4113486bf35b1cf3d89ae537 On import, fsocietytools/init.py loads tokens.py, which at module load time instantiates TokenManager. The constructor concatenates eight large strin...

5.9AI score
Exploits0References4
OSV
OSV
added 2026/06/27 8:52 p.m.9 views

MAL-2026-6549 Malicious code in discord-token-generator (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebd016cfcb52b59c0141268099b96c1336a15ca1d0afce46f367c7fe376f57de discordtokengenerator/init.py imports tokens.py, which instantiates TokenManager at module load. The constructor calls notin, which concatenates eigh...

5.9AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/27 7:12 p.m.9 views

Malicious code in ts-ankle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1695e2ffa9252abe1053fc13895a071bd87cb27eb009eeb2262aae1a27da4ea5 On npm install, [email protected] runs a postinstall hook node test.js that executes two hostile flows against the installer's machine without user...

5.8AI score
Exploits0References2
Circl
Circl
added 2026/06/26 10:47 p.m.6 views

CVE-2026-50767

creationtimestamp| type| source ---|---|--- 2026-06-26 22:47:01+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mp7zljs7au2o 2026-06-29 17:33:46+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgzi6wa632w...

5.4CVSS5.8AI score0.00204EPSS
Exploits1References2
The Hacker News
The Hacker News
added 2026/06/26 11:5 a.m.6 views

Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack

Cybersecurity researchers have flagged yet another evolution of the supply chain attack linked to the Mini Shai-Hulud, Miasma, and Hades malware family that has compromised a new set of npm packages, even as it has propagated to the Go ecosystem. "The latest activity includes malicious npm releas...

6.4AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/26 9:23 a.m.6 views

Malicious code in sqligen (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de59ac5884f286d69e42a71ba0cb7b99aa06d2b1f0e28a279a84d3db86eb3196 setup.py contains an obfuscated install-time dropper that fires on Windows. Two functions with diagnostic-sounding names 'GetDefaultSystemPolicy' /...

6.5AI score
Exploits0References7
OSV
OSV
added 2026/06/26 9:23 a.m.5 views

MAL-2026-6515 Malicious code in sqligen (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de59ac5884f286d69e42a71ba0cb7b99aa06d2b1f0e28a279a84d3db86eb3196 setup.py contains an obfuscated install-time dropper that fires on Windows. Two functions with diagnostic-sounding names 'GetDefaultSystemPolicy' /...

6.5AI score
Exploits0References7
OSV
OSV
added 2026/06/26 1:51 a.m.7 views

MAL-2026-6501 Malicious code in wellnpm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2cce5614817c010bad6d6bd86146713b627ad235b87d9ccd341bd3d996a80119 [email protected] ships a 24MB ELF binary named launch which is the XMRig Monero miner RandomX, cn/upx2, ghostrider algorithm strings, libuv/OpenSSL...

5.8AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.6 views

Malicious code in rstreams-metrics (npm)

The rstreams-metrics npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.2AI score
Exploits0References3
The Hacker News
The Hacker News
added 2026/06/24 3:59 p.m.7 views

Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered

A coordinated law enforcement operation, in partnership with private sector companies, including Bitdefender, Bitsight, ESET, and Microsoft, has resulted in the takedown of criminal infrastructure powering Amadey and StealC. "The main common goal was to disrupt the 'assembly lines' cybercriminals...

5.8AI score
Exploits0
OSV
OSV
added 2026/06/24 3:31 p.m.19 views

MAL-2026-6399 Malicious code in normalize-plus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8d9638f9c3f81ac15972cf2ff227b2d426a72c5e37035e54402648fe8120675 On import, normalize-plus's top-level initPlugin performs an HTTP GET against https://jsonkeeper.com/b/CI3HT, parses the JSON response, and evaluates...

6AI score
Exploits0References2
Microsoft Secure
Microsoft Secure
added 2026/06/24 12:30 p.m.18 views

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

In this article 1. The role of infostealers: From credential theft to intrusion 2. StealC: Infostealer for rent 3. Amadey: Malware-as-a-service for delivery of infostealers 4. Defending against StealC and Amadey intrusions 5. Microsoft Defender detections 6. Indicators of compromise Infostealers...

6.2AI score
Exploits0
OSV
OSV
added 2026/06/23 9:53 p.m.6 views

MAL-2026-6357 Malicious code in theme-color-picker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7a4ba7e8664b9e1d99c4018963a4731d591653d7f2a9b879ba090e7a7f6e7bd Although the package presents itself as a 'theme color picker', package.json identifies the publisher as analysis-chart.io with repository...

5.9AI score
Exploits0References4
Rows per page
Query Builder