Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

The Hacker News
The Hacker Newsadded 2025/10/13 5:12 a.m.4 views

New Rust-Based Malware "ChaosBot" Uses Discord Channels to Control Victims' PCs

Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that can allow operators to conduct reconnaissance and execute arbitrary commands on compromised hosts. "Threat actors leveraged compromised credentials that mapped to both Cisco VPN and an over-privileg...

7.8AI score
Exploits0
Malwarebytes
Malwarebytesadded 2025/10/09 7:5 p.m.3 views

Fake VPN and streaming app drops malware that drains your bank account

Security researchers are warning Android users to delete a fake VPN and streaming app that can let criminals take over their phones and drain their bank accounts. The app, Mobdro Pro IP TV + VPN, was discovered by researchers at Cleafy to be a malicious sideloaded app, not a legitimate VPN. Their...

6.9AI score
Exploits0
RedhatCVE
RedhatCVEadded 2025/09/21 7:24 p.m.4 views

CVE-2024-13990

MicroWorld eScan AV's update mechanism failed to ensure authenticity and integrity of updates: update packages were delivered and accepted without robust cryptographic verification. As a result, an on-path attacker could perform a man-in-the-middle MitM attack and substitute malicious update...

9.3CVSS8AI score0.00268EPSS
Exploits0References1
Malwarebytes
Malwarebytesadded 2025/08/27 1:56 p.m.3 views

Developer verification: a promised lift for Android security

To reduce the number of harmful apps targeting Android users, Google has announced that certified Android devices will require all apps to be registered by verified developers in order to be installed. But this new measure is not just about malware that's found on the Google Play Store, it’s main...

7.1AI score
Exploits0
Snyk
Snykadded 2025/08/25 1:12 p.m.3 views

Malicious Package

Overview colorinal is a malicious package. This package is part of a multi-stage attack and its content was removed from the official package manager. The attack utilizes a seemingly harmless package to introduce a malicious dependency. The goal of this attack is to gain remote code execution on...

9.8CVSS8AI score
Exploits0References3
Kitploit
Kitploitadded 2022/06/13 9:30 p.m.24 views

SharpEventPersist - Persistence By Writing/Reading Shellcode From Event Log

Persistence by writing/reading shellcode from Event Log. Usage The SharpEventPersist tool takes 4 case-sensitive parameters: -file "C:\path\to\shellcode.bin" -instanceid 1337 -source Persistence -eventlog "Key Management Service". The shellcode is converted to hex and written to the "Key Manageme...

7.4AI score
Exploits0References1
ThreatPost
ThreatPostadded 2021/08/09 4:18 p.m.91 views

Android Malware ‘FlyTrap’ Hijacks Facebook Accounts

Researchers have uncovered a new Android trojan, dubbed FlyTrap, that’s spread to more than 10,000 victims via rigged apps on third-party app stores, sideloaded apps and hijacked Facebook accounts. In a report posted on Monday, Zimperium’s zLabs mobile threat research teams wrote that FlyTrap has...

6.9AI score
Exploits0References10
Rows per page
Query Builder