Infiniti Stealer: a new macOS infostealer using ClickFix and Python/Nuitka

A previously undocumented macOS infostealer has surfaced during our routine threat hunting. We initially tracked it as NukeChain , but shortly before publication, the malware’s operator panel became publicly visible, revealing its real name: Infiniti Stealer. This malware is designed to steal...

EUVD-2022-0165

Malicious code in bioql PyPI...

CVE-2022-2054

Code Injection in GitHub repository nuitka/nuitka prior to 0.9...

Advisory ROSA-SA-2023-2236

software: nuitka 1.5 WASP: ROSA-CHROME packageevrstring: nuitka-1.5-3.src.rpm CVE-ID: CVE-2022-2054 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Deploy code to the GitHub nuitka/nuitka repository to version 0.9. CVE-STATUS: Fixed CVE-REV: To close, run the command: sudo dnf update nuitka...

SUSE CVE-2022-2054

Code Injection in GitHub repository nuitka/nuitka prior to 0.9...

Command Injection

Nuitka is vulnerable to command injection. The vulnerability exists in the main function of main.py, allowing an attacker with the privileges of the running program by setting NUITKAPYTHONPATH, NUITKANAMESPACES or NUITKAPTHIMPORTED to inject and execute malicious payload strings...

Command Injection in Nuitka

Nuitka 0.8.4 and prior is vulnerable to command injection. A patch is available and anticipated to be part of the 0.9 release...

GHSA-4V3R-HQR9-69JF Command Injection in Nuitka

Nuitka 0.8.4 and prior is vulnerable to command injection. A patch is available and anticipated to be part of the 0.9 release...

DEBIAN-CVE-2022-2054

Code Injection in GitHub repository nuitka/nuitka prior to 0.9...

CVE-2022-2054

Code Injection in GitHub repository nuitka/nuitka prior to 0.9...

CVE-2022-2054

Code Injection in GitHub repository nuitka/nuitka prior to 0.9...

CVE-2022-2054

Code Injection in GitHub repository nuitka/nuitka prior to 0.9...

ghost-in-the-machine (=0.0.70), restful-starlette (>=0.0.1 <=0.0.4) +3 more potentially affected by CVE-2022-2054 via nuitka (>=0.6.10 <=0.6.19.7)

nuitka PYPI version =0.6.10, =0.0.1, =0.0.8, =7.15.0, =7.15.3 - teamscale-cli =7.1.0 Source cves: CVE-2022-2054 Source advisory: OSV:PYSEC-2022-209...

Code injection

Code Injection in GitHub repository nuitka/nuitka prior to 0.9...

PYSEC-2022-209

Command Injection in GitHub repository nuitka/nuitka prior to 0.9...

PYSEC-2022-209

Command Injection in GitHub repository nuitka/nuitka prior to 0.9...

UBUNTU-CVE-2022-2054

Code Injection in GitHub repository nuitka/nuitka prior to 0.9...

CVE-2022-2054 Code Injection in nuitka/nuitka

Code Injection in GitHub repository nuitka/nuitka prior to 0.9...

CVE-2022-2054

CVE-2022-2054 affects Nuitka (nuitka/nuitka) prior to 0.9. Descriptions in multiple sources identify a code injection vulnerability with local impact. A patch is indicated to be part of the 0.9 release (or available afterwards) according to OSV/GHSA entries; Nessus notes unpatched status for some...

CVE-2022-2054 Code Injection in nuitka/nuitka

Code Injection in GitHub repository nuitka/nuitka prior to 0.9...