14751 matches found
Exploit for CVE-2026-48732
CVE-2026-48732: Warp Remote SSH cwd Command Injection PoC...
MGASA-2026-0182 Updated ruby-net-ssh packages fix security vulnerabilities
This update fixes CVE-2023-48795: Prefix Truncation Attacks in SSH Specification Terrapin Attack , for ruby-net-ssh...
Updated ruby-net-ssh packages fix security vulnerabilities
This update fixes CVE-2023-48795: Prefix Truncation Attacks in SSH Specification Terrapin Attack , for ruby-net-ssh...
MAL-2026-5398 Malicious code in hey-base32 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5bbdc771de9f99f6454831cc2cd8c22f0af88dfeb3ec66a6c4d3b174c860517 The package advertises itself as a zero-dependency base32 encoder/decoder, but its CLI entry point bin/hey-base32.js starts a remote-access tunnel on...
Malicious code in hey-base32 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5bbdc771de9f99f6454831cc2cd8c22f0af88dfeb3ec66a6c4d3b174c860517 The package advertises itself as a zero-dependency base32 encoder/decoder, but its CLI entry point bin/hey-base32.js starts a remote-access tunnel on...
MAL-2026-5360 Malicious code in wallet-sdk-9 (npm)
Crypto/SSH/wallet stealer, blockchain-helper-0 campaign sibling c960+. postinstall auto-execs, src/index.js harvests /.ssh/idrsa+ided25519+Sol/Eth/BTC/Tron/Sui/Aptos wallets+.env+seeds, self-labels "CRYPTO STEALER", exfils to SAME Telegram bot 8227918239 chat 6433587894 not rotated. Campaign now...
Malicious code in ethereum-kit-9 (npm)
Crypto/SSH/wallet stealer, blockchain-helper-0 campaign sibling c960+. postinstall auto-execs, src/index.js harvests /.ssh/idrsa+ided25519+Sol/Eth/BTC/Tron/Sui/Aptos wallets+.env+seeds, self-labels "CRYPTO STEALER", exfils to SAME Telegram bot 8227918239 chat 6433587894 not rotated. Campaign now...
Malicious code in crypto-utils-7 (npm)
Crypto/SSH/wallet stealer, blockchain-helper-0/web3-tools-9 campaign sibling c960/c961. postinstall scripts/postinstall.js auto-execs, src/index.js harvests /.ssh/idrsa+wallet keys/seeds+env, self-labels "CRYPTO STEALER", exfils to IDENTICAL Telegram bot 8227918239 chat 6433587894 not rotated...
MAL-2026-5355 Malicious code in ethereum-kit-1 (npm)
Crypto/SSH/wallet stealer, blockchain-helper-0/web3-tools-9 campaign sibling c960/c961. postinstall scripts/postinstall.js auto-execs, src/index.js harvests /.ssh/idrsa+wallet keys/seeds+env, self-labels "CRYPTO STEALER", exfils to IDENTICAL Telegram bot 8227918239 chat 6433587894 not rotated...
Malicious code in ethereum-kit-1 (npm)
Crypto/SSH/wallet stealer, blockchain-helper-0/web3-tools-9 campaign sibling c960/c961. postinstall scripts/postinstall.js auto-execs, src/index.js harvests /.ssh/idrsa+wallet keys/seeds+env, self-labels "CRYPTO STEALER", exfils to IDENTICAL Telegram bot 8227918239 chat 6433587894 not rotated...
MAL-2026-5358 Malicious code in solana-core-4 (npm)
Crypto/SSH/wallet stealer, blockchain-helper-0/web3-tools-9 campaign sibling c960/c961. postinstall scripts/postinstall.js auto-execs, src/index.js harvests /.ssh/idrsa+wallet keys/seeds+env, self-labels "CRYPTO STEALER", exfils to IDENTICAL Telegram bot 8227918239 chat 6433587894 not rotated...
Malicious code in web3-tools-9 (npm)
Note: This report is updated by a verification record Crypto/SSH/wallet stealer, confirmed sibling of blockchain-helper-0 c960. postinstall scripts/postinstall.js auto-execs, src/index.js harvests /.ssh/idrsa + wallet keys/seeds + env, self-labels "CRYPTO STEALER", exfils to IDENTICAL hardcoded...
EulerOS 2.0 SP11 : libssh (EulerOS-SA-2026-2252)
According to the versions of the libssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The API function sshgethexa is vulnerable, when 0-lenght input is provided to this function. This function is used internally in...
Malicious code in solana-web3-py (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6945b0bfcf3be9438852411527a75d1275367ca7a34ea4a28793e6e0c6258ccb During import, the package exfiltrates sensitive data credentials, SSH keys, cryptowallet's data. It also establishes persistence via a cronjob. --- Category:...
Malicious code in solana-cli-py (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d1906f26c40e0ea91316c6c85ba5fea16d52a711c7a5edf3d847578cdd653715 During import, the package exfiltrates sensitive data credentials, SSH keys, cryptowallet's data. It also establishes persistence via a cronjob. --- Category:...
MAL-2026-5336 Malicious code in solana-cli-py (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d1906f26c40e0ea91316c6c85ba5fea16d52a711c7a5edf3d847578cdd653715 During import, the package exfiltrates sensitive data credentials, SSH keys, cryptowallet's data. It also establishes persistence via a cronjob. --- Category:...
Malicious code in solana-web3 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 91c09b86579a07d271d3bcd57adf5b5b161e49e36c3bd7af09c50dd8127aa54f During import, the package exfiltrates sensitive data credentials, SSH keys, cryptowallet's data. It also establishes persistence via a cronjob. --- Category:...
MAL-2026-5333 Malicious code in nerfstudio-gs (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 523b928ceb73227e96f02eb85783222da17d0e716c9c7012b4cbcafd1e787f58 During installation or Python setup via PTH file, the code exfiltrated all kinds of sensitive data, including env variables, browser's data, SSH keys, data fro...
Malicious code in nerfstudio-gs (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 523b928ceb73227e96f02eb85783222da17d0e716c9c7012b4cbcafd1e787f58 During installation or Python setup via PTH file, the code exfiltrated all kinds of sensitive data, including env variables, browser's data, SSH keys, data fro...
Post_Exploitation_Privilege_Escalation
⬆️ Week 05 — Post-Exploitation & Privilege Escalation Inter...