Lucene search
K

11 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/01 8:0 a.m.13 views

Malicious code in @customer-threesixty/assets (npm)

Dependency confusion attack campaign targeting Scandinavian telecommunications and digital services organizations Telenor, Ownit, Vimla, and Customer 360 / C360. Four packages published by the debating0166 npm account use inflated version numbers 99.0.x to win npm registry resolution over private...

5.8AI score
Exploits0
OSV
OSV
added 2026/06/01 8:0 a.m.10 views

MAL-2026-5157 Malicious code in @tse-digital/core (npm)

Dependency confusion attack campaign targeting Scandinavian telecommunications and digital services organizations Telenor, Ownit, Vimla, and Customer 360 / C360. Four packages published by the debating0166 npm account use inflated version numbers 99.0.x to win npm registry resolution over private...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/25 2:15 p.m.8 views

MAL-2026-4685 Malicious code in tempo-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6790e6e83af71238b9773ae49568f5374d094d23d1a7247ef4560d645ef64024 The package contains a file poc.js that imports os, https, fs, and childprocess; collects host identifiers including os.hostname, os.platform, and th...

5.9AI score
Exploits0References1
The Hacker News
The Hacker News
added 2026/03/04 9:37 a.m.8 views

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

Cybersecurity researchers have flagged malicious Packagist PHP packages masquerading as Laravel utilities that act as a conduit for a cross-platform remote access trojan RAT that's functional on Windows, macOS, and Linux systems. The names of the packages are listed below - nhattuanbl/lara-helper...

6.4AI score
Exploits0
Veracode
Veracode
added 2025/09/01 5:6 a.m.5 views

Path Traversal

tinyscientist is vulnerable to path Traversal. The vulnerability is due to improper validation of file paths in the reviewpaper function, which allows an attacker to craft malicious file paths to read arbitrary PDF files on the server, access sensitive documents, and perform reconnaissance on the...

8.8CVSS6.6AI score0.00597EPSS
Exploits0References4Affected Software1
Microsoft Secure
Microsoft Secure
added 2025/03/17 5:0 p.m.9 views

StilachiRAT analysis: From system reconnaissance to cryptocurrency theft

In November 2024, Microsoft Incident Response researchers uncovered a novel remote access trojan RAT we named StilachiRAT that demonstrates sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data. Analysis of the StilachiRAT’s...

6.6AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/12/11 6:44 p.m.40 views

Modular Java Backdoor Dropped in Cleo Exploitation Campaign

Many thanks to Rapid7 MDR and incident response teams for their contributions to this analysis. While investigating incidents related to Cleo software exploitation, Rapid7 Labs and MDR observed a novel, multi-stage attack that deploys an encoded Java Archive JAR payload. Our investigation reveale...

9.8CVSS7.5AI score0.98529EPSS
Exploits6
The Hacker News
The Hacker News
added 2024/08/27 4:8 p.m.89 views

macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users

Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT. The artifacts "almost exactly replicate the functionality of the Windows version of the backdoor and differ only in the payload, which is received in the form of...

9.3CVSS8.6AI score0.99945EPSS
Exploits33
The Hacker News
The Hacker News
added 2021/01/15 11:31 a.m.71 views

Researchers Disclose Undocumented Chinese Malware Used in Recent Attacks

Cybersecurity researchers have disclosed a series of attacks by a threat actor of Chinese origin that has targeted organizations in Russia and Hong Kong with malware — including a previously undocumented backdoor. Attributing the campaign to Winnti or APT41, Positive Technologies dated the first...

0.1AI score
Exploits0
ThreatPost
ThreatPost
added 2020/03/24 9:1 p.m.49 views

Unknown 'WildPressure' Malware Campaign Lets Off Steam in Middle East

A malware campaign that shares no known similarities to previous attacks has been uncovered, targeting organizations in the Middle East. Dubbed “WildPressure,” the campaign used a previously unknown malware that researchers named Milum, after the C++ class names inside the code. According to...

7.2AI score
Exploits0References9
n0where
n0where
added 2018/08/01 5:5 p.m.19 views

Network and System Reconnaissance Tool: Sandmap

Sandmap is a tool supporting network and system reconnaissance using the massive Nmap engine . It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques. Key Features simple CLI with the ability to run pure Nmap engine...

6.9AI score
Exploits0References2
Rows per page
Query Builder