Malicious code in py-sysbench (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bcd34dcdc69398d2b97a0890cc550974824096b2844524f868505aa32032f147 Importing the module starts a silent cryptocurrency mining in the background for a hardcoded wallet. --- Category: MALICIOUS - The campaign has clearly malicio...

MAL-2026-1280 Malicious code in py-sysbench (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bcd34dcdc69398d2b97a0890cc550974824096b2844524f868505aa32032f147 Importing the module starts a silent cryptocurrency mining in the background for a hardcoded wallet. --- Category: MALICIOUS - The campaign has clearly malicio...

MAL-2026-1279 Malicious code in cpucheck (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5c9d20d009145b270e9b9f2bb73540bb7484845f0cbe9c73f4cf20cc28f776c9 Importing the module starts a silent cryptocurrency mining in the background for a hardcoded wallet. --- Category: MALICIOUS - The campaign has clearly malicio...

Malicious code in cpucheck (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5c9d20d009145b270e9b9f2bb73540bb7484845f0cbe9c73f4cf20cc28f776c9 Importing the module starts a silent cryptocurrency mining in the background for a hardcoded wallet. --- Category: MALICIOUS - The campaign has clearly malicio...

Malicious code in pyutils-helper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8b1055c03077c874d21f69aa9403cebd070e2b7398e27b44310c977219bc0e7a Importing the module starts a silent cryptocurrency mining in the background for a hardcoded wallet. --- Category: MALICIOUS - The campaign has clearly malicio...

MAL-2026-1281 Malicious code in pyutils-helper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8b1055c03077c874d21f69aa9403cebd070e2b7398e27b44310c977219bc0e7a Importing the module starts a silent cryptocurrency mining in the background for a hardcoded wallet. --- Category: MALICIOUS - The campaign has clearly malicio...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for February 2026

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 2.1.0 IF002 Vulnerability Details CVEID:CVE-2026-1225 DESCRIPTION: ACE vulnerability in configuration file processing by QOS.CH logback-core up to a...

Malicious code in myasicapi (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 62067570b5217e75a025ba09e5e4f0d059439d8a7d30e056bdd501fe97e4f844 The code and related Github project promise to monitor hardware cryptominers. However, the code additionally hides two malicious capabilities functionalities: ...

WorldQuant Alpha Generator 代码问题漏洞

WorldQuant Alpha Generator is a mining software developed by zhutoutoutousan. Versions of WorldQuant Alpha Generator 1.0.9 and earlier have code vulnerabilities. These vulnerabilities stem from incorrect operations with the parameter makerequest in the file...

Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

In December 2024, the popular Ultralytics AI library was compromised, installing malicious code that hijacked system resources for cryptocurrency mining. In August 2025, malicious Nx packages leaked 2,349 GitHub, cloud, and AI credentials. Throughout 2024, ChatGPT vulnerabilities allowed...

Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign

An ongoing campaign has been observed targeting Amazon Web Services AWS customers using compromised Identity and Access Management IAM credentials to enable cryptocurrency mining. The activity, first detected by Amazon's GuardDuty managed threat detection service and its automated security...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining 2.1.0

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 2.1.0 Vulnerability Details CVEID:CVE-2025-41248 DESCRIPTION: The Spring Security annotation detection mechanism may not correctly resolve annotatio...

Identification of Malicious Posts on the Dark Web Using Supervised Machine Learning

Given the constant growth and increasing sophistication of cyberattacks, cybersecurity can no longer rely solely on traditional defense techniques and tools. Proactive detection of cyber threats has become essential to help security teams identify potential risks and implement effective mitigatio...

Incentive Attacks in BTC: Short-Term Revenue Changes and Long-Term Efficiencies

Bitcoin's BTC Difficulty Adjustment Algorithm DAA has been a source of vulnerability for incentive attacks such as selfish mining, block withholding and coin hopping strategies. In this paper, first, we rigorously study the short-term revenue change per hashpower of the adversarial and honest...

CVE-2017-20210

Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR mining programs identified by internal research...

QNAP Photo Station XMR Mining Vulnerability (NAS-201705-04)

QNAP Photo Station is prone to a vulnerability related to XMR mining programs. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2017-20210

Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR mining programs identified by internal research...

CVE-2017-20210

Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR mining programs identified by internal research...

CVE-2017-20210 Photo Station

Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR mining programs identified by internal research...

CVE-2017-20210 Photo Station

Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR mining programs identified by internal research...