997 matches found
GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware
In this article 1. A wiper inside a backdoor 2. Backdoor capabilities 3. How GigaWiper was assembled 4. Conclusion: Multiple destructive capabilities consolidated into a single implant 5. Defending against destructive threats 6. Microsoft Defender detections 7. Indicators of compromise In October...
[SECURITY] Fedora 43 Update: python-django-haystack-3.4.0-1.fc43
Haystack provides modular search for Django. It features a unified, familiar API that allows you to plug in different search backends such as Solr, Elasticsearch, Whoosh, Xapian, etc. without having to modify your code. Haystack is BSD licensed, plays nicely with third-party app without needing t...
[SECURITY] Fedora 44 Update: python-django-haystack-3.4.0-1.fc44
Haystack provides modular search for Django. It features a unified, familiar API that allows you to plug in different search backends such as Solr, Elasticsearch, Whoosh, Xapian, etc. without having to modify your code. Haystack is BSD licensed, plays nicely with third-party app without needing t...
Linux Distros Unpatched Vulnerability : CVE-2026-10512
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The X25519 x8664 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not be fully...
PYSEC-2026-427 Modular Max Serve has Unsafe Deserialization vulnerability
Unsafe Deserialization vulnerability in Modular Max Serve before 25.6, specifically when the "--experimental-enable-kvcache-agent" feature is used allowing attackers to execute arbitrary code...
PT-2026-52561
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The X25519 x86 64 assembly implementation fails to clear the most significant bit during the final modular reduction. This occurs because the final...
webstrike-framework
WebStrike — Automated Web Pentesting Framework Created by...
Exploit for CVE-2026-23550
🧨 CVE-2026-23550 – Modular Connector Admin Bypass Unauthentic...
auto_exploiter
Auto-Exploiter Framework ⚠️ LEGAL DISCLAIMER — Authorised...
SUSE-SU-2026:2286-1 Security update for libjxl
This update for libjxl fixes the following issues: Security fixes: - CVE-2025-70103: heap buffer overflow when hen processing crafted pbm-images due to insufficient bounds checks bsc1266460. Other fixes: - Update to version 0.10.5: - fix tile dimension in low memory rendering pipeline. - fix numb...
exploit-validator
$repo Production-grade offensive security tool for Purpose...
The vulnerability of the modular interface of the Ruby-based Rack web server allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Ruby-based Rack web server’s modular interface is related to partial comparison. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the modular interface of the Ruby-based Rack web server allows a hacker to trigger a service failure.
The vulnerability of the modular interface of the Ruby-based Rack web server is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures...
MAECO-Lite: Modular Ontology for Dynamic Malware Analysis
Capturing dynamic malware behavior in a practical but still semantically precise manner remains a significant challenge in cyber threat intelligence. While standards such as MAEC and STIX provide widely adopted vocabularies for describing malware artifacts and observations, they represent data wi...
[SECURITY] Fedora 44 Update: unbound-1.25.1-1.fc44
Unbound is a validating, recursive, and caching DNSSEC resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modula...
Ubuntu 24.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-8296-1)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8296-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...
Astra Linux – Vulnerability in nss
When converting coordinates from projective to affine, the modular inversion was not performed in constant time, allowing for a timing-based side channel attack. This vulnerability affects Firefox versions less than 80, as well as Firefox for Android versions less than 80...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: s390/zcrypt: Fixed a memory leak when CCA cards are used as accelerators. Tests revealed that a memory leak occurs when CCA cards are used as accelerators for clear-key RSA requests ME and CRT. With the latest modifications to...
Astra Linux – Vulnerability in mbedtls
A issue was discovered in Arm Mbed TLS prior to version 2.23.0. Due to a side channel in modular exponentiation, an RSA private key used in a secure enclave could be disclosed...
Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer P2P botnet that's engineered for stealth and persistent access to compromised hosts. Turla, per the U.S. Cybersecurity and Infrastructure Security Agency CISA, is assess...