Malicious code in lazmat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 292e8512aa9e77a20a04a58cee3529ea31b9451e5c9067bbad7be57b5eb8c7fb Importing the module starts a telegram bot that connects to a chat and executes provided commands --- Category: MALICIOUS - The campaign has clearly malicious...

MAL-2025-191779 Malicious code in lazmat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 292e8512aa9e77a20a04a58cee3529ea31b9451e5c9067bbad7be57b5eb8c7fb Importing the module starts a telegram bot that connects to a chat and executes provided commands --- Category: MALICIOUS - The campaign has clearly malicious...

MAL-2025-191759 Malicious code in hkmat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c3c3063747c35c5ae091331ac2c35dbef66c945aca73b06ee32ef1f0ec088009 Importing the module starts a telegram bot that connects to a chat and executes provided commands --- Category: MALICIOUS - The campaign has clearly malicious...

Malicious code in hkmat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c3c3063747c35c5ae091331ac2c35dbef66c945aca73b06ee32ef1f0ec088009 Importing the module starts a telegram bot that connects to a chat and executes provided commands --- Category: MALICIOUS - The campaign has clearly malicious...

MAL-2025-191750 Malicious code in hekamhelp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ac329f6244d2faf82ef12a167d1b46de2a9043fb1c086b67a45458d75d227562 Importing the module starts a telegram bot that connects to a chat and executes provided commands --- Category: MALICIOUS - The campaign has clearly malicious...

Malicious code in hekamhelp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ac329f6244d2faf82ef12a167d1b46de2a9043fb1c086b67a45458d75d227562 Importing the module starts a telegram bot that connects to a chat and executes provided commands --- Category: MALICIOUS - The campaign has clearly malicious...

Malicious code in talbat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fa560ce194b853d26b02cc7a6fc99298c2b1de4516a8beb84b84475aa1fb23b3 Importing the module starts a telegram bot that connects to a chat and executes provided commands --- Category: MALICIOUS - The campaign has clearly malicious...

MAL-2025-191885 Malicious code in talbat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fa560ce194b853d26b02cc7a6fc99298c2b1de4516a8beb84b84475aa1fb23b3 Importing the module starts a telegram bot that connects to a chat and executes provided commands --- Category: MALICIOUS - The campaign has clearly malicious...

CVE-2025-53927

MaxKB before 2.0.0 has a sandbox bypass where the security design restricts only a specific directory’s execution permissions. An attacker can abuse Python’s shutil.copy2 to copy a command into the executable directory, bypassing the directory restrictions and enabling a reverse shell. Affected p...

CVE-2025-53927 MaxKB sandbox bypass

MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use the shutil.copy2 method in Python to copy the command they...

Enterprise Security Incident Analysis and Countermeasures Based on the T-Mobile Data Breach

This paper presents a comprehensive analysis of T-Mobile's critical data breaches in 2021 and 2023, alongside a full-spectrum security audit targeting its systems, infrastructure, and publicly exposed endpoints. By combining case-based vulnerability assessments with active ethical hacking...

MaxKB 代码注入漏洞

MaxKB is a 1Panel-dev open source open source knowledge base question and answer system based on a large language model and RAG. A code injection vulnerability exists in MaxKB versions prior to 2.0.0, which stems from the fact that sandbox design rules can be bypassed, potentially leading to a...

BIT-APACHE-2025-49630 Apache HTTP Server: mod_proxy_http2 denial of service

In certain proxy configurations, a denial of service attack against Apache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by untrusted clients causing an assertion in modproxyhttp2. Configurations affected are a reverse proxy is configured for an HTTP/2 backend, with...

Exploit for CVE-2022-25226

ThinVNC 1.0b1 - Authentication Bypass to Remote Code Execution...

📄 Remote Mouse 4.601 Remote Command Execution

This exploit targets Remote Mouse version 4.6.0.1 by injecting malicious UDP packets that simulate keyboard input to execute arbitrary PowerShell commands. The vulnerability exists in the way Remote Mouse processes unauthenticated UDP commands on port 1978 by sending specially crafted packets...

SUSE CVE-2025-49630

In certain proxy configurations, a denial of service attack against Apache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by untrusted clients causing an assertion in modproxyhttp2. Configurations affected are a reverse proxy is configured for an HTTP/2 backend, with...

CVE-2025-50122

A CWE-331: Insufficient Entropy vulnerability exists that could cause root password discovery when the password generation algorithm is reverse engineered with access to installation or upgrade artifacts...

CVE-2025-50122

CVE-2025-50122 affects Schneider Electric EcoStruxure IT Data Center Expert (DCE). The issue is an Insufficient Entropy weakness in the root password generation: the appliance uses a MAC-derived seed and a JAR-based algorithm to compute a root password, which can be determined if the attacker has...

CVE-2025-50122

A CWE-331: Insufficient Entropy vulnerability exists that could cause root password discovery when the password generation algorithm is reverse engineered with access to installation or upgrade artifacts...

CVE-2025-7379

A security bypass vulnerability allows exploitation via Reverse Tabnabbing, a type of phishing attack where attackers can manipulate the content of the original tab, leading to credential theft and other security risks. This issue affects DataSync Center: from 1.1.0 before 1.1.0.r207, and from...