33 matches found
MAL-2025-101124 Malicious code in cruel_marmot_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d93a91aa3d7308fec7e03a4ac11c999e5a2a415c1b501f127a436b0efdcba017 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2024-41660 slpd-lite unauthenticated memory corruption
slpd-lite is a unicast SLP UDP server. Any OpenBMC system that includes the slpd-lite package is impacted. Installing this package is the default when building OpenBMC. Nefarious users can send slp packets to the BMC using UDP port 427 to cause memory overflow issues within the slpd-lite daemon o...
FakeBat Loader Malware Spreads Widely Through Drive-by Download Attacks
The loader-as-a-service LaaS known as FakeBat has become one of the most widespread loader malware families distributed using the drive-by download technique this year, findings from Sekoia reveal. "FakeBat primarily aims to download and execute the next-stage payload, such as IcedID, Lumma,...
Indian Software Firm's Products Hacked to Spread Data-Stealing Malware
Installers for three different software products developed by an Indian company named Conceptworld have been trojanized to distribute information-stealing malware. The installers correspond to Notezilla, RecentX, and Copywhiz, according to cybersecurity firm Rapid7, which discovered the supply...
Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases
European Police Chiefs said that the complementary partnership between law enforcement agencies and the technology industry is at risk due to end-to-end encryption E2EE. They called on the industry and governments to take urgent action to ensure public safety across social media platforms. "Priva...
Sketchy NuGet Package Likely Linked to Industrial Espionage Targets Developers
Threat hunters have identified a suspicious package in the NuGet package manager that's likely designed to target developers working with tools made by a Chinese firm that specializes in industrial- and digital equipment manufacturing. The package in question is SqzrFramework480, which...
BIT-MEDIAWIKI-2021-31552
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly executed certain rules related to blocking accounts after account creation. Such rules would allow for user accounts to be created while blocking only the IP address used to create an account and not...
BIT-MEDIAWIKI-2021-31554
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It improperly handled account blocks for certain automatically created MediaWiki user accounts, thus allowing nefarious users to remain unblocked...
BIT-MEDIAWIKI-2021-36126
An issue was discovered in the AbuseFilter extension in MediaWiki through 1.36. If the MediaWiki:Abusefilter-blocker message is invalid within the content language, the filter user falls back to the English version, but that English version could also be invalid on a wiki. This would result in a...
Default credentials
Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL...
Malicious code in selfpongminehacked (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9c2060b33a5ebf65217d50cd8da507fad2a4b9de41e5ac2ae25e9ad0a6211b63 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
CVE-2021-22567 Bidirectional Override in Dart SDK
Bidirectional Unicode text can be interpreted and compiled differently than how it appears in editors which can be exploited to get nefarious code passed a code review by appearing benign. An attacker could embed a source that is invisible to a code reviewer that modifies the behavior of a progra...
Huawei EulerOS: Security Advisory for spamassassin (EulerOS-SA-2021-2450)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-36126
An issue was discovered in the AbuseFilter extension in MediaWiki through 1.36. If the MediaWiki:Abusefilter-blocker message is invalid within the content language, the filter user falls back to the English version, but that English version could also be invalid on a wiki. This would result in a...
GHSA-6QFG-8799-R575 Kubernetes kubectl cp Vulnerable to Symlink Attack
The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be...
CVE-2021-31554
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It improperly handled account blocks for certain automatically created MediaWiki user accounts, thus allowing nefarious users to remain unblocked...
Code injection
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It improperly handled account blocks for certain automatically created MediaWiki user accounts, thus allowing nefarious users to remain unblocked...
Huawei EulerOS: Security Advisory for spamassassin (EulerOS-SA-2021-1706)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : spamassassin (EulerOS-SA-2021-1706)
According to the version of the spamassassin package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this,...
CopperStealer Malware Targets Facebook and Instagram Business Accounts
A malware that until now has gone undocumented has been quietly hijacking online accounts of advertisers and users of Facebook, Apple, Amazon, Google and other web giants since July 2019 and then using them for nefarious activity, researchers have found. Dubbed CopperStealer, the malware acts...