99 matches found
CVE-2026-2350 Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS.
Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS...
EUVD-2015-8617
Malware in sbrugna...
EUVD-2025-11374
Malicious code in bioql PyPI...
Malicious code in ng-tds (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b3294da0f9faffb8ba69b152216b52a8aa4ebcf64678bcd336c917b3e054530d The OpenSSF Package Analysis project identified 'ng-tds' @...
Malicious ISO File Used in Romance Scam Targeting German Speakers
Sublime Security reveals a cunning romance/adult-themed scam targeting German speakers, leveraging Keitaro TDS to deliver an AutoIT-based malware loader. Learn how this sophisticated campaign operates, its deceptive tactics, and the hidden payload...
Malicious code in tds-styled-docs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e6fd1f1a79e054904c1996f83eaebf071439a273c6c1eb478e4f6c2fed1a2b58 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10254 Malicious code in tds-styled-docs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e6fd1f1a79e054904c1996f83eaebf071439a273c6c1eb478e4f6c2fed1a2b58 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Facebook Ads Lead to Fake Websites Stealing Credit Card Information
Facebook users are the target of a scam e-commerce network that uses hundreds of fake websites to steal personal and financial data using brand impersonation and malvertising tricks. Recorded Future's Payment Fraud Intelligence team, which detected the campaign on April 17, 2024, has given it the...
KB5029376 - Description of the security update for SQL Server 2017 CU31: October 10, 2023
KB5029376 - Description of the security update for SQL Server 2017 CU31: October 10, 2023 Summary Improvements and fixes included in this update How to obtain and install the update How to obtain or download the latest cumulative update package for Linux More information File information...
KB5029186 - Description of the security update for SQL Server 2016 SP3 GDR: October 10, 2023
KB5029186 - Description of the security update for SQL Server 2016 SP3 GDR: October 10, 2023 Summary Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This security update contain...
KB5029375 - Description of the security update for SQL Server 2017 GDR: October 10, 2023
KB5029375 - Description of the security update for SQL Server 2017 GDR: October 10, 2023 Summary Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This security update contains a...
Microsoft Teams used to deliver DarkGate Loader malware
Researchers have found a new method by which cybercriminals are spreading the DarkGate Loader malware. Until now, DarkGate was typically distributed via phishing emails. The malspam campaign used stolen email threads to lure victims into clicking a hyperlink, which downloaded the malware. But...
Asylum Ambuscade: A Cybercrime Group with Espionage Ambitions
The threat actor known as Asylum Ambuscade has been observed straddling cybercrime and cyber espionage operations since at least early 2020. "It is a crimeware group that targets bank customers and cryptocurrency traders in various regions, including North America and Europe," ESET said in an...
CryptoClippy: New Clipper Malware Targeting Portuguese Cryptocurrency Users
Portuguese users are being targeted by a new malware codenamed CryptoClippy that's capable of stealing cryptocurrency as part of a malvertising campaign. The activity leverages SEO poisoning techniques to entice users searching for "WhatsApp web" to rogue domains hosting the malware, Palo Alto...
SUSE CVE-2015-8740
The dissecttds7colmetadatatoken function in epan/dissectors/packet-tds.c in the TDS dissector in Wireshark 2.0.x before 2.0.1 does not validate the number of columns, which allows remote attackers to cause a denial of service stack-based buffer overflow and application crash via a crafted packet...
Raccoon and Vidar Stealers Spreading via Massive Network of Fake Cracked Software
A "large and resilient infrastructure" comprising over 250 domains is being used to distribute information-stealing malware such as Raccoon and Vidar since early 2020. The infection chain "uses about a hundred of fake cracked software catalogue websites that redirect to several links before...
MAL-2022-6431 Malicious code in tds-publish (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb9cdf5cd3aa4e14d5a628ef37bc7f25bbd6a7976c9c4a2b649a96dcc1c6ee57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in tds-publish (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb9cdf5cd3aa4e14d5a628ef37bc7f25bbd6a7976c9c4a2b649a96dcc1c6ee57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Exploit for Path Traversal in Secureauth Impacket
Impacket ======== !Latest Versionhttps://img.shields.io/pyp...
Researchers Uncover Malware Controlling Thousands of Sites in Parrot TDS Network
The Parrot traffic direction system TDS that came to light earlier this year has had a larger impact than previously thought, according to new research. Sucuri, which has been tracking the same campaign since February 2019 under the name "NDSW/NDSX," said that "the malware was one of the top...