GO-2026-4899 Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel (rportfwd) close is attempted in github.com/bishopfox/sliver

Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel rportfwd close is attempted in github.com/bishopfox/sliver...

Malicious code in k8s-node-health (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9358111fecbdb3180b8f4c0c6543abff3024c59deaf488cf3a34089820e96172 During import, the code download and starts remote executable that later connects to a C2 server, likely establishing a reverse tunnel. After executing the...

PT-2026-29943

Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel rportfwd close is attempted in github.com/bishopfox/sliver...

Malicious code in kube-node-health (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 391555cff14c82156843bee267daf896c3e3e989b9c899ef34b12ac7e23b1c7e During import, the code download and starts remote executable that later connects to a C2 server, likely establishing a reverse tunnel. After executing the...

MAL-2026-2400 Malicious code in kube-node-health (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 391555cff14c82156843bee267daf896c3e3e989b9c899ef34b12ac7e23b1c7e During import, the code download and starts remote executable that later connects to a C2 server, likely establishing a reverse tunnel. After executing the...

GHSA-C279-989M-238F Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel (rportfwd) close is attempted

Summary A nil pointer dereference in tunnelCloseHandler causes the handler goroutine to panic whenever a reverse tunnel rportfwd close is attempted. Both the legitimate close path AND the unauthorized close path dereference tunnel.SessionID where tunnel is guaranteed nil. This means rportfwd...

Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel (rportfwd) close is attempted

Summary A nil pointer dereference in tunnelCloseHandler causes the handler goroutine to panic whenever a reverse tunnel rportfwd close is attempted. Both the legitimate close path AND the unauthorized close path dereference tunnel.SessionID where tunnel is guaranteed nil. This means rportfwd...

CVE-2025-57601

AiKaan Cloud Controller uses a single hardcoded SSH private key and the username proxyuser for remote terminal access to all managed IoT/edge devices. When an administrator initiates "Open Remote Terminal" from the AiKaan dashboard, the controller sends this same static private key to the target...

CVE-2025-57601

AiKaan Cloud Controller uses a single hardcoded SSH private key and the username proxyuser for remote terminal access to all managed IoT/edge devices. When an administrator initiates "Open Remote Terminal" from the AiKaan dashboard, the controller sends this same static private key to the target...

CVE-2025-57601

Affected software : AiKaan Cloud Controller. Vulnerability : uses a single hardcoded SSH private key and the same proxyuser for remote terminal access to all managed IoT/edge devices; when Open Remote Terminal is invoked, the static key is sent to the target device, enabling reverse SSH tunnels t...

CVE-2025-57601

AiKaan Cloud Controller uses a single hardcoded SSH private key and the username proxyuser for remote terminal access to all managed IoT/edge devices. When an administrator initiates "Open Remote Terminal" from the AiKaan dashboard, the controller sends this same static private key to the target...

SSRF in sliver teamserver

Summary The reverse port forwarding in sliver teamserver allows the implant to open a reverse tunnel on the sliver teamserver without verifying if the operator instructed the implant to do so Reproduction steps Run server wget...