Malicious code in ionic-insta-api-wrapper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02b21f843420dc38a87320830c9f9bd48d72a2938774100b1ee08a2db708abbc ionic-insta-api-wrapper is presented as an Instagram API client but its advertised login API silently relays caller-supplied credentials and session...

MAL-2026-4446 Malicious code in @solarcraft/observix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14c39608a172a624520f309b572b40636dc51563f85fe89dac968712490dd40f The package advertises itself as a zero-dependency colorized logger similar to pino-pretty, but dist/index.js does require'./logger' purely for its...

Malicious code in forge-jsx (npm)

forge-jsx is a malicious npm package that impersonates an Autodesk Forge SDK. It was published as a fully-formed RAT from its first version on April 7, 2026. Installing the package on any non-CI machine deploys a persistent background agent that captures all keystrokes, monitors clipboard content...

Attackers impersonate Temu in ClickFix $Temu airdrop scam

Update Friday, March 13: A Temu spokesperson contacted us to say: " Temu has not issued any cryptocurrency, token, or digital asset—including any so-called "Temu Coin." Any airdrop, wallet claim, or cryptocurrency offer purporting to be from Temu is fraudulent and has no connection to our company...

CVE-2026-1741

A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpconchecksessionurl of the file /sess-bin/d.cgi of the component Debug Interface. This manipulation of the argument cmd causes backdoor. It is possible to initiate the attack remotely. The complexity of an...

CVE-2026-1741

A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpconchecksessionurl of the file /sess-bin/d.cgi of the component Debug Interface. This manipulation of the argument cmd causes backdoor. It is possible to initiate the attack remotely. The complexity of an...

CVE-2026-1741

A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpconchecksessionurl of the file /sess-bin/d.cgi of the component Debug Interface. This manipulation of the argument cmd causes backdoor. It is possible to initiate the attack remotely. The complexity of an...

CVE-2026-1741

A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpconchecksessionurl of the file /sess-bin/d.cgi of the component Debug Interface. This manipulation of the argument cmd causes backdoor. It is possible to initiate the attack remotely. The complexity of an...

EUVD-2026-5127

A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpconchecksessionurl of the file /sess-bin/d.cgi of the component Debug Interface. This manipulation of the argument cmd causes backdoor. It is possible to initiate the attack remotely. The complexity of an...

CVE-2026-1741

The following sources document CVE-2026-1741 affecting EFM ipTIME A8004T 14.18.2. The vulnerability concerns the Debug Interface component, specifically the httpcon_check_session_url function in /sess-bin/d.cgi. The described flaw allows manipulation of the cmd argument to trigger a backdoor, wit...

EUVD-2023-58837

Malicious code in bioql PyPI...

CVE-2025-8938 TOTOLINK N350R Telnet Service formSysTel backdoor

A vulnerability was found in TOTOLINK N350R 1.2.3-B20130826. This issue affects the function formSysTel of the file /boafrm/formSysTel of the component Telnet Service. The manipulation of the argument TelEnabled leads to backdoor. The attack may be initiated remotely. The exploit has been disclos...

CVE-2025-6839 Conjure Position Department Service Quality Evaluation System head.php eval backdoor

A vulnerability, which was classified as critical, has been found in Conjure Position Department Service Quality Evaluation System up to 1.0.11. Affected by this issue is the function eval of the file public/assets/less/bootstrap-less/mixins/head.php. The manipulation of the argument payload lead...

PT-2023-32716 · Typecho · Typecho

Name of the Vulnerable Software and Affected Versions: Typecho version 1.2.1 Description: A vulnerability was found in the file /admin/manage-pages.php of the component Page Handler, which can lead to a backdoor. The attack can be launched remotely. The exploit has been disclosed to the public an...

HiSilicon DVR/NVR hi3520d firmware - Remote Backdoor Account

Exploit Title: HiSilicon DVR/NVR hi3520d firmware - Remote Backdoor Account Dork: N/A Date: 2020-02-03 Exploit Author: Snawoot Vendor Homepage: http://www.hisilicon.com Product Link: http://www.hisilicon.com/en/Products Version: hi3520d Tested on: Linux CVE: N/A References:...

HiSilicon DVR/NVR hi3520d firmware - Remote Backdoor Account Exploit

Exploit Title: HiSilicon DVR/NVR hi3520d firmware - Remote Backdoor Account Exploit Author: Snawoot Vendor Homepage: http://www.hisilicon.com Product Link: http://www.hisilicon.com/en/Products Version: hi3520d Tested on: Linux CVE: N/A References: https://habr.com/en/post/486856/ References:...

CVE-2018-9149

The Zyxel Multy X AC3000 Tri-Band WiFi System device doesn't use a suitable mechanism to protect the UART. After an attacker dismantles the device and uses a USB-to-UART cable to connect the device, he can use the 1234 password for the root account to login to the system. Furthermore, an attacker...

CVE-2017-12084

A backdoor vulnerability exists in remote control functionality of Circle with Disney running firmware 2.0.1. A specific set of network packets can remotely start an SSH server on the device, resulting in a persistent backdoor. An attacker can send an API call to enable the SSH server...

phpFileManager 0.9.8 CSRF Backdoor Shell Vulnerability

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-PHPFILEMANAGER0729.txt Vendor: ================================ phpfm.sourceforge.net Product: ============================ phpFileManager version 0.9.8 Vulnerability Type:...

phpFileManager 0.9.8 - CSRF Vulnerability

Exploit for php platform in category web applications Exploit Title: CSRF Remote Backdoor Shell Google Dork: intitle: CSRF Remote Backdoor Shell Date: 2015-07-29 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage: phpfm.sourceforge.net Software Link:...