146 matches found
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services AWS, Google Cloud, and Microsoft Azure to create a covert SMTP email relay network. "Compromised business servers across the U.S., Europe, and Asia were quietly converted into SMTP proxies, verified f...
Malicious code in httpx-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5d3d6ca7ec9867abcf3fb8a0170ca44801107a64fb1ff7f9aa437dd7b1f59845 During installation, package downloads downloads and executes next-stage script that then downloads a Sliver beacon and establishes persistence via a systemd...
MAL-2026-3216 Malicious code in httpx-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5d3d6ca7ec9867abcf3fb8a0170ca44801107a64fb1ff7f9aa437dd7b1f59845 During installation, package downloads downloads and executes next-stage script that then downloads a Sliver beacon and establishes persistence via a systemd...
GO-2026-4899 Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel (rportfwd) close is attempted in github.com/bishopfox/sliver
Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel rportfwd close is attempted in github.com/bishopfox/sliver...
PT-2026-29943
Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel rportfwd close is attempted in github.com/bishopfox/sliver...
CVE-2026-34227
Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to version 1.7.4, a single click on a malicious link gives an unauthenticated attacker immediate, silent control over every active C2 session or beacon, capable of exfiltrating all collected target data e.g. SS...
GHSA-6FPF-248C-M7WM Sliver One-Click Remote Access: Insecure CORS & Unauthenticated MCP Interface
A single click on a malicious link gives an unauthenticated attacker immediate, silent control over every active C2 session or beacon, capable of exfiltrating all collected target data e.g. SSH keys, ntds.dit or destroying the entire compromised infrastructure, entirely through the operator's own...
CVE-2026-34227
Sliver is an open-source C2 framework using a custom WireGuard netstack. Technical details in connected docs show a vulnerability in versions prior to 1.7.4 where a single click on a malicious link can grant an unauthenticated attacker immediate, silent control over active C2 sessions or beacons,...
CVE-2026-34227
Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to version 1.7.4, a single click on a malicious link gives an unauthenticated attacker immediate, silent control over every active C2 session or beacon, capable of exfiltrating all collected target data e.g. SS...
CVE-2026-34227 Sliver One-Click Remote Access: Insecure CORS & Unauthenticated MCP Interface
Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to version 1.7.4, a single click on a malicious link gives an unauthenticated attacker immediate, silent control over every active C2 session or beacon, capable of exfiltrating all collected target data e.g. SS...
EUVD-2026-17490
Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to version 1.7.4, a single click on a malicious link gives an unauthenticated attacker immediate, silent control over every active C2 session or beacon, capable of exfiltrating all collected target data e.g. SS...
Sliver 安全漏洞
Sliver is an open-source, cross-platform opponent simulation/red team framework developed by Bishop Fox. It can be used by organizations of various sizes for security testing. Versions of Sliver prior to 1.7.4 contained security vulnerabilities. These vulnerabilities allowed unauthenticated...
SUSE CVE-2026-32941
Sliver is a command and control framework that uses a custom Wireguard netstack. Versions 1.7.3 and below contain a Remote OOM Out-of-Memory vulnerability in the Sliver C2 server's mTLS and WireGuard C2 transport layer. The socketReadEnvelope and socketWGReadEnvelope functions trust an...
GO-2026-4723 Sliver Vulnerable to Authenticated OOM via Memory Exhaustion in mTLS/WireGuard Transports in github.com/bishopfox/sliver
Sliver Vulnerable to Authenticated OOM via Memory Exhaustion in mTLS/WireGuard Transports in github.com/bishopfox/sliver...
CVE-2026-32941
Sliver is a command and control framework that uses a custom Wireguard netstack. Versions 1.7.3 and below contain a Remote OOM Out-of-Memory vulnerability in the Sliver C2 server's mTLS and WireGuard C2 transport layer. The socketReadEnvelope and socketWGReadEnvelope functions trust an...
SUSE CVE-2026-29781
Sliver is a command and control framework that uses a custom Wireguard netstack. In versions from 1.7.3 and prior, a vulnerability exists in the Sliver C2 server's Protobuf unmarshalling logic due to a systemic lack of nil-pointer validation. By extracting valid implant credentials and omitting...
CVE-2026-32941
Sliver is a command and control framework that uses a custom Wireguard netstack. Versions 1.7.3 and below contain a Remote OOM Out-of-Memory vulnerability in the Sliver C2 server's mTLS and WireGuard C2 transport layer. The socketReadEnvelope and socketWGReadEnvelope functions trust an...
CVE-2026-32941 Sliver Vulnerable to Authenticated OOM via Memory Exhaustion in mTLS/WireGuard Transports
Sliver is a command and control framework that uses a custom Wireguard netstack. Versions 1.7.3 and below contain a Remote OOM Out-of-Memory vulnerability in the Sliver C2 server's mTLS and WireGuard C2 transport layer. The socketReadEnvelope and socketWGReadEnvelope functions trust an...
CVE-2026-32941
Sliver is a command and control framework that uses a custom Wireguard netstack. Versions 1.7.3 and below contain a Remote OOM Out-of-Memory vulnerability in the Sliver C2 server's mTLS and WireGuard C2 transport layer. The socketReadEnvelope and socketWGReadEnvelope functions trust an...
CVE-2026-32941 Sliver Vulnerable to Authenticated OOM via Memory Exhaustion in mTLS/WireGuard Transports
Sliver is a command and control framework that uses a custom Wireguard netstack. Versions 1.7.3 and below contain a Remote OOM Out-of-Memory vulnerability in the Sliver C2 server's mTLS and WireGuard C2 transport layer. The socketReadEnvelope and socketWGReadEnvelope functions trust an...