Exploit for Download of Code Without Integrity Check in Nicehash Quickminer

CVE-2025-56513 Critical Supply-Chain Vulnerability in NiceHash...

EUVD-2025-31754

Malicious code in bioql PyPI...

CVE-2025-56513

NiceHash QuickMiner 6.12.0 perform software updates over HTTP without validating digital signatures or hash checks. An attacker capable of intercepting or redirecting traffic to the update url and can hijack the update process and deliver arbitrary executables that are automatically executed,...

NiceHash QuickMiner 安全漏洞

NiceHash QuickMiner is a cryptocurrency miner software open source by NiceHash.com. A security vulnerability exists in NiceHash QuickMiner version 6.12.0 that originates from executing a software update over HTTP without verifying digital signatures or hash checking, which could lead to remote co...

CVE-2025-56513

CVE-2025-56513 affects NiceHash QuickMiner v6.12.0, where the update mechanism uses HTTP without signature/hash verification, enabling a Network-based MITM to replace updates and execute arbitrary code. Root cause: unencrypted update delivery and absence of digital signatures/integrity checks for...