Malicious code in @ensdomains/reverse-records (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5e16814335619e8655b02ca0583e019d232eb4f008db3e99d25f3ad1eb3d18c The package @ensdomains/reverse-records was found to contain malicious code. Source: ghsa-malware...

PT-2025-47956

Rooting Tesla's Linux-based infotainment system typically involves exploiting software vulnerabilities, like improper access controls in diagnostic interfaces e.g., CVE-2022-42008. Enthusiasts connect via Ethernet ports, use tools to gain a reverse shell, and set up persistence by modifying...

Linux Distros Unpatched Vulnerability : CVE-2025-0033

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control within AMD SEV-SNP could allow an admin privileged attacker to write to the RMP during SNP initialization, potentially resulting in a lo...

Exploit for Use of Uninitialized Resource in Microsoft

Proof-of-Concept exploit for the Untrusted Pointer Dereferenc...

EBPF-PATROL: Protective Agent for Threat Recognition and Overreach Limitation Using EBPF in Containerized and Virtualized Environments

With the increasing use and adoption of cloud and cloud-native computing, the underlying technologies i.e., containerization and virtualization have become foundational. However, strict isolation and maintaining runtime security in these environments has become increasingly challenging. Existing...

EulerOS 2.0 SP13 : mod_http2 (EulerOS-SA-2025-2450)

According to the versions of the modhttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In certain proxy configurations, a denial of service attack againstApache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by...

EulerOS 2.0 SP13 : mod_http2 (EulerOS-SA-2025-2440)

According to the versions of the modhttp2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In certain proxy configurations, a denial of service attack againstApache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by...

TencentOS Server 4: cpp-httplib (TSSA-2025:0374)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0374 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Exploit for CVE-2025-34299

Monsta FTP CVE-2025-34299 Exploit Python exploit for the RCE...

Malicious code in pam98wyfupa98w (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 be7177fd2d56b518724377233ca5eda13a07f6252e400cfb4c1115db456b5fd8 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-d1n0...

MAL-2025-191810 Malicious code in pam98wyfupa98w (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 be7177fd2d56b518724377233ca5eda13a07f6252e400cfb4c1115db456b5fd8 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-d1n0...

Malicious code in d1n0-exploit-aaaa (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 64210508ed5694fbb8abfa75dbca12a3f6a0ebc0b653866d6fd01de23cdc5170 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-d1n0...

MAL-2025-191710 Malicious code in d1n0-exploit-aaaa (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 64210508ed5694fbb8abfa75dbca12a3f6a0ebc0b653866d6fd01de23cdc5170 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-d1n0...

MAL-2025-191711 Malicious code in d1n0exploitaaaa (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7ecd01d9010a3e9192c6636d4ddefa1e493438b1bbf65002e8daf6a014067692 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-d1n0...

Malicious code in d1n0exploitaaaa (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7ecd01d9010a3e9192c6636d4ddefa1e493438b1bbf65002e8daf6a014067692 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-d1n0...

EulerOS 2.0 SP10 : mod_http2 (EulerOS-SA-2025-2395)

According to the versions of the modhttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In certain proxy configurations, a denial of service attack againstApache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by...

EulerOS 2.0 SP12 : mod_http2 (EulerOS-SA-2025-2366)

According to the versions of the modhttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In certain proxy configurations, a denial of service attack againstApache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by...

EulerOS 2.0 SP10 : mod_http2 (EulerOS-SA-2025-2423)

According to the versions of the modhttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In certain proxy configurations, a denial of service attack againstApache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by...

Reverse Tabnabbing Attacks

jupyterlab is vulnerable to Reverse Tabnabbing attacks. The vulnerability is due to missing the noopener attribute in links generated by LaTeX typesetters in Markdown cells and files, which allows an attacker to exploit links with target=blank to potentially hijack the originating browser tab...

[SECURITY] Fedora 41 Update: golang-github-openprinting-ipp-usb-0.9.30-7.fc41

HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables driverless support for USB devices capable of using IPP-over-USB protocol...