Malicious code in calculator-c08d6d50f5964131 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6343baa8b5e97a91b02979723f28035221550addc225d0e3911916a51ef5ef37 Clearly research/pentesting examples containing reverse shell. --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but also anythin...

MAL-2024-12229 Malicious code in calculator-c08d6d50f5964131 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6343baa8b5e97a91b02979723f28035221550addc225d0e3911916a51ef5ef37 Clearly research/pentesting examples containing reverse shell. --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but also anythin...

How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back

Attackers are increasingly using new phishing toolkits open-source, commercial, and criminal to execute adversary-in-the-middle AitM attacks. AitM enables attackers to not just harvest credentials but steal live sessions, allowing them to bypass traditional phishing prevention controls such as MF...

CVE-2024-45049

Hydra is a Continuous Integration service for Nix based projects. It is possible to trigger evaluations in Hydra without any authentication. Depending on the size of evaluations, this can impact the availability of systems. The problem can be fixed by applying...

CVE-2024-45049 Nix Hydra Missing authentication when triggering evaluations

Hydra is a Continuous Integration service for Nix based projects. It is possible to trigger evaluations in Hydra without any authentication. Depending on the size of evaluations, this can impact the availability of systems. The problem can be fixed by applying...

CVE-2024-45049 Nix Hydra Missing authentication when triggering evaluations

Hydra is a Continuous Integration service for Nix based projects. It is possible to trigger evaluations in Hydra without any authentication. Depending on the size of evaluations, this can impact the availability of systems. The problem can be fixed by applying...

Exploit for Improper Input Validation in Cacti

Cacti CVE-2024-25641 Authenticated Package Upload RCE Proof of...

Critical Flaws in Traccar GPS System Expose Users to Remote Attacks

Two security vulnerabilities have been disclosed in the open-source Traccar GPS tracking system that could be potentially exploited by unauthenticated attackers to achieve remote code execution under certain circumstances. Both the vulnerabilities are path traversal flaws and could be weaponized ...

[SECURITY] Fedora 40 Update: nginx-1.26.2-1.fc40

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

Exploit for Path Traversal in Apache Http_Server

Apache-HTTP-Server-2.4.50-RCE This tool is designed to test A...

Fedora: Security Advisory for nginx (FEDORA-2024-8ba5080dfa)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for nginx (FEDORA-2024-6ba57fd2a3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

New Linux Malware 'sedexp' Hides Credit Card Skimmers Using Udev Rules

Cybersecurity researchers have uncovered a new stealthy piece of Linux malware that leverages an unconventional technique to achieve persistence on infected systems and hide credit card skimmer code. The malware, attributed to a financially motivated threat actor, has been codenamed sedexp by Aon...

OESA-2024-2059 golang security update

. Security Fixes: The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the...

[SECURITY] Fedora 40 Update: iaito-5.9.4-1.fc40

iaito is a Qt and C++ GUI for radare2. It is the continuation of Cutter before the fork to keep radare2 as backend. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience at mind. The iaito is created by reverse engineers for reverse...

[SECURITY] Fedora 40 Update: radare2-5.9.4-1.fc40

The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...

[SECURITY] Fedora 39 Update: radare2-5.9.4-1.fc39

The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...

[SECURITY] Fedora 39 Update: iaito-5.9.4-1.fc39

iaito is a Qt and C++ GUI for radare2. It is the continuation of Cutter before the fork to keep radare2 as backend. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience at mind. The iaito is created by reverse engineers for reverse...

Fedora: Security Advisory for radare2 (FEDORA-2024-a562addefa)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-3667e29b88)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...