Malicious code in @zalastax/nolb-pif (npm)

The package @zalastax/nolb-pif was found to contain malicious code...

MAL-2025-39966 Malicious code in xray-pif-project (npm)

The package xray-pif-project was found to contain malicious code...

MAL-2025-13151 Malicious code in @zalastax/nolb-pif (npm)

The package @zalastax/nolb-pif was found to contain malicious code...

Malicious code in xray-pif-project (npm)

The package xray-pif-project was found to contain malicious code...

Beware: New DoubleFinger Loader Targets Cryptocurrency Wallets with Stealer

A novel multi-stage loader called DoubleFinger has been observed delivering a cryptocurrency stealer dubbed GreetingGhoul in what's an advanced attack targeting users in Europe, the U.S., and Latin America. "DoubleFinger is deployed on the target machine, when the victim opens a malicious PIF...

Threat Outbreak Alert: Fake Airline Ticket Order Notification Email Messages on February 10, 2014

Medium Alert ID: 32792 First Published: 2014 February 10 18:50 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain an airline ticket order notification for the recipient. The text in the email message attempts to convince th...

Code injection

Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted 1 .LNK or 2 .PIF shortcut file, which is not properly handled during icon display in Windows Explorer...

PT-2010-1167 · Microsoft +1 · Windows Explorer +3

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 Description: The issue is related to errors in processing files with .LNK or .PIF extensions. Exploitation of this issue can allow a...

Microsoft Windows Shortcut 'LNK/PIF' Files Automatic File Execution Vulnerability

Description Microsoft Windows is prone to a vulnerability that may allow a file to automatically run because the software fails to properly handle 'LNK' files or 'PIF' files. An attacker may exploit this issue to execute arbitrary code. The attacker must entice a victim to view a specially crafte...

PT-2005-3154 · Gaim +1 · Gaim +1

Name of the Vulnerable Software and Affected Versions: Microsoft MSN Messenger affected versions not specified Gaim affected versions not specified Description: The issue allows remote attackers to cause a denial of service by sending a plaintext message containing the ".pif" string. This string ...