961 matches found
EUVD-2026-36753
Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionsetratmode via the ratMode parameter...
CVE-2026-38062
Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionsetratmode via the ratMode parameter...
PT-2026-49293
Name of the Vulnerable Software and Affected Versions Tenda 5G03 version V05.03.02.04 Version 1.0 Description Command injection is possible in the action set rat mode function through the ratMode parameter. Recommendations At the moment, there is no information about a newer version that contains...
CVE-2026-38062
Summary: CVE-2026-38062 affects Tenda 5G03 (V05.03.02.04, Version 1.0). The issue is a command injection in the function action_set_rat_mode via the ratMode parameter. Multiple trusted sources (NVD, EUVD, CVE lists, vuln enrichment) describe this vulnerability with the same root cause. The CVSS v...
ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Code Patch + 28 New Stories
It's been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks, another easy target getting hit. Instead, there's a supply chain attack kit in a public repo, a $5,000-a-month RAT that clones browsers, and research showing AI agents can be tricked into leaking real...
China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa
A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U.K., Germany, Italy, and South Africa. These efforts have been complemented by a "rapid operational tempo" and a continually evolving malware arsenal comprising known...
Google DoubleClick Abused in New Malspam Campaign to Deliver .NET Loader
Cybersecurity researchers have flagged a new malspam campaign that makes use of Google's DoubleClick domain as a way to evade detection and ultimately deliver an unidentified .NET-based loader. "Before the victim ever reaches attacker-controlled infrastructure, the lure routes through DoubleClick...
Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT
Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan's Ministry of Finance with an open-source remote access trojan called Xeno RAT. "The campaign opens with a spear phishing delivery - a ZIP...
Malicious code in msc-terminal (npm)
Part of a multi-package malicious campaign, msc-terminal npm author nhpkevte1576 carries the same payload as eo-terminal and logger-draft — a fully-featured infostealer and remote access trojan RAT deployed via a postinstall hook. All three packages share the same C2 infrastructure and attack...
Malicious code in eo-terminal (npm)
Part of a multi-package malicious campaign by npm author toskypi, eo-terminal is a fully-featured infostealer and remote access trojan RAT disguised as "terminal changelog logger utilities." The package README describes a completely different package terminal-logger-utils, indicating a...
Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor
Cybersecurity researchers have disclosed details of a new Linux malware dubbed Showboat that has been put to use in a campaign targeting a telecommunications provider in the Middle East since at least mid-2022. "Showboat is a modular post-exploitation framework designed for Linux systems, capable...
Banana RAT Malware in Fake Invoices Hits Customers at 16 Brazilian Banks
Banana RAT malware hidden in fake invoices and security update screens targets customers at 16 Brazilian banks stealing data with QR fraud...
MAL-2026-4199 Malicious code in ts-logger-pack (npm)
ts-logger-pack is a malicious npm package that depends on terminal-logger-utils and triggers the malicious behavior in that package when installed or imported. The terminal-logger-utils payload executes a postinstall hook that opens utils.cjs, an obfuscated malware dropper. The dropper downloads...
Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud
In this blog entry, researchers from the TrendAI™ MDR team discuss how they mapped the full end-to-end operation of SHADOW-WATER-063’s Banana RAT banking malware by analyzing server-side artifacts and victim-side data...
Malicious code in pyenvprep (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 963727b60e7fa8536050eb0f4691dc8bec6089567630063305d05ddceb4834cd Package contains code to silently execute a RAT-like agent, allowing the attacker to access the file system and execute arbitrary code. --- Category: MALICIOUS...
MAL-2026-3829 Malicious code in pyenvprep (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 963727b60e7fa8536050eb0f4691dc8bec6089567630063305d05ddceb4834cd Package contains code to silently execute a RAT-like agent, allowing the attacker to access the file system and execute arbitrary code. --- Category: MALICIOUS...
Hackers Use PyInstaller and AMSI Patching to Deliver XWorm RAT v7.4
Hackers are hiding XWorm malware in PyInstaller files to bypass Windows security, steal data and remotely control devices through ads...
Malicious code in venv-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9af11c23295a9a592b6fd62d62490669a752ab6dc6c0b755ebd068ec6371375f Package contains code to silently execute a RAT-like agent, allowing the attacker to access the file system and execute arbitrary code. --- Category: MALICIOUS...
MAL-2026-3803 Malicious code in venv-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9af11c23295a9a592b6fd62d62490669a752ab6dc6c0b755ebd068ec6371375f Package contains code to silently execute a RAT-like agent, allowing the attacker to access the file system and execute arbitrary code. --- Category: MALICIOUS...
FamousSparrow Targeted Oil and Gas Industry via MS Exchange Server Exploit
Bitdefender Labs reveals how the China-linked FamousSparrow hacking group targeted an Azerbaijani energy firm using ProxyNotShell, Deed RAT,…...