
6 matches found

The Hacker News
added 2025/11/19 10:0 a.m., 7 views

EdgeStepper Implant Reroutes DNS Queries to Deploy Malware via Hijacked Software Updates

The threat actor known as PlushDaemon has been observed using a previously undocumented Go-based network backdoor codenamed EdgeStepper to facilitate adversary-in-the-middle (AitM) attacks. EdgeStepper "redirects all DNS queries to an external, malicious hijacking node, effectively rerouting the...

6.6 AI score
Exploits: 0
Gitee
added 2025/09/14 6:2 p.m., 91 views

WindowsRegistryRootkit

It is an offensive tool for Windows. This repository contains a kernel rootkit that resides within Windows registry value data, developed by Oleksiuk Dmytro aka Cr4sh. The rootkit exploits a zero-day vulnerability in win32k.sys, a Windows kernel-mode driver, through a buffer overflow in the...

7.4 AI score
Exploits: 0
The Hacker News
added 2025/01/28 11:1 a.m., 17 views

Ransomware Targets ESXi Systems via Stealthy SSH Tunnels for C2 Operations

Cybersecurity researchers have found that ransomware attacks targeting ESXi systems are also leveraging the access to repurpose the appliances as a conduit to tunnel traffic to command-and-control (C2) infrastructure and stay under the radar. "ESXi appliances, which are unmonitored, are increasingl...

7.7 AI score
Exploits: 0
Securelist
added 2022/09/28 8:0 a.m., 27 views

Prilex: the pricey prickle credit card complex

Prilex is a Brazilian threat actor that has evolved out of ATM-focused malware into modular point-of-sale malware. The group was behind one of the largest attacks on ATMs in the country, infecting and jackpotting more than 1,000 machines, while also cloning in excess of 28,000 credit cards that...

0.4 AI score
Exploits: 0
ThreatPost
added 2020/08/25 2:46 p.m., 21 views

Lazarus Group Targets Cryptocurrency Firms Via LinkedIn Messages

The nation-state threat operator Lazarus Group is being tied to a recent phishing campaign that targeted admins at a cryptocurrency firm via LinkedIn messages. Researchers say that they recently identified a series of incidents that were part of a broader campaign targeting businesses worldwide...

0.5 AI score
Exploits: 0, References: 16
Cvelist
added 2018/05/14 2:0 p.m., 14 views

CVE-2018-10252

An issue was discovered on Actiontec WCB6200Q before 1.1.10.20a devices. The admin login session cookie is insecurely generated, making admin session hijacking possible. When an admin logs in, a session cookie is generated using the time of day rounded to 10ms. Since the web server returns its...

8.1 AI score, 0.00324 EPSS
Exploits: 0, References: 1