CVE-2026-0866

After the publication of the PoC by the researcher and further analysis, we have determined that this issue does not constitute a valid vulnerability. The technique described is an obfuscation method and does not bypass or impact any implicit or explicit security controls...

MAL-2026-698 Malicious code in tableshow (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4fe9c764b4cb621cdd65c3dee4c4cf00cc273aab33642ebce5690b3d5c8d71e1 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

Rebranded Knight Ransomware Targeting Healthcare and Businesses Worldwide

An analysis of a nascent ransomware strain called RansomHub has revealed it to be an updated and rebranded version of Knight ransomware, itself an evolution of another ransomware known as Cyclops. Knight aka Cyclops 2.0 ransomware first arrived in May 2023, employing double extortion tactics to...

Python Developers Beware: Clipper Malware Found in 450+ PyPI Packages!

Malicious actors have published more than 451 unique Python packages on the official Python Package Index PyPI repository in an attempt to infect developer systems with clipper malware. Software supply chain security company Phylum, which spotted the libraries, said the ongoing activity is a...

DynamicPHPCode Filtering Bypass leads to Remote Code Execution

Description The "Websites" module in Dolibarr CRM version 6.0.3 and below has "checkPHPCode" function check to ensure that the page not contains any malicious function. However, this funtion only check by using match word searching, that allows malicious authenticated user can bypass by using...

MosaicLoader Malware Delivers Facebook Stealers, RATs

A never-before-documented Windows malware strain dubbed MosaicLoader is spreading worldwide, acting as a full-service malware-delivery platform that’s being used to infect victims with remote-access trojans RATs, Facebook cookie stealers and other threats. That’s according to Bitdefender...

Watch Out — Microsoft Warns Android Users About A New Ransomware

Microsoft has warned about a new strain of mobile ransomware that takes advantage of incoming call notifications and Android's Home button to lock the device behind a ransom note. The findings concern a variant of a known Android ransomware family dubbed "MalLocker.B" which has now resurfaced wit...

Bypassing MassLogger Anti-Analysis — a Man-in-the-Middle Approach

The FireEye Front Line Applied Research & Expertise FLARE Team attempts to always stay on top of the most current and emerging threats. As a member of the FLARE Reverse Engineer team, I recently received a request to analyze a fairly new credential stealer identified as MassLogger. Despite the la...

Metasploit Multiple Browsers Obfuscation Technique

Remote attackers can use metasploit modules in order to check for potential browser vulnerabilities on a target client. This information can later be used for attacks...

Blackmoon Banking Trojan Using New Infection Technique

New clues have surfaced on how the Blackmoon banking Trojan is infecting its victims using a new framework to deliver the malware. “We noticed recent campaigns two weeks ago where Blackmoon had shifted its infection strategy and is now utilizing a unique and interesting technique,” said Hardik...

Locky Ransomware, Kovter Click-Fraud Malware Spreading in Same Campaigns

Researchers at Microsoft’s Malware Protection Center have spotted malicious email campaigns using .lnk attachments to spread Locky ransomware and the Kovter click-fraud Trojan, the first time criminals have simultaneously distributed both pieces of malware. According to Microsoft, the .lnk file n...

Microsoft Warns of Sneaky New Macro Trick

Microsoft is warning of an innovative new technique attackers are using to sneak macro malware past virus detection engines and add to the already huge uptick in reported macro attacks. According to researchers at Microsoft’s Malware Protection Center, they stumbled upon the macro technique in a...

Design/Logic Flaw

HR Systems Strategies info:HR HRIS 7.9 does not properly protect the database password, which allows local users to bypass intended database restrictions by accessing the USERPW registry key and bypassing an unspecified obfuscation technique...