Lucene search
K

1023 matches found

The Hacker News
The Hacker News
added 12 hours ago16 views

SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing

Scanners meant to catch malicious add-on "skills" for AI coding agents can be fooled by a few simple changes that leave the malware working, according to a new study from researchers at the Hong Kong University of Science and Technology. Their strongest trick slipped past every scanner tested mor...

6.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago6 views

Malicious code in polymarket-clob-maths (npm)

Malicious npm package published as part of a coordinated DeFi-themed infostealer campaign targeting Polymarket developers. polymarket-clob-maths uses a dropper technique: a postinstall hook fetches a remote bundle from trabalhos-flax.vercel.app and executes a syncSession function that runs a...

5.9AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 6 days ago5 views

PT-2026-54000

Name of the Vulnerable Software and Affected Versions GitHub Enterprise Server versions prior to 3.21 Description A stored cross-site scripting issue exists where an authenticated attacker can execute arbitrary JavaScript in another user's browser. This occurs by injecting a crafted payload into...

6.3CVSS5.9AI score0.00184EPSS
Exploits0References12
OSV
OSV
added 6 days ago3 views

MAL-2026-6692 Malicious code in polymarket-trading-developer-tools (npm)

Malicious npm package published as part of a coordinated DeFi-themed infostealer campaign targeting Polymarket developers. polymarket-trading-developer-tools uses a dropper technique: a postinstall hook downloads configuration from pm-trading-dev-tools-be.vercel.app and exfiltrates data to the...

6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/29 5:24 a.m.6 views

Malicious code in @ibrahim1337/baksen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea195bd44e54cd1051fc279a0e871b02c15eea04f65c80979d756fa767f541b4 Package @ibrahim1337/baksen ships a Windows x64 infostealer toolkit that targets Chromium-family browsers Chrome, Brave, Edge, Opera, Opera GX on the...

6AI score
Exploits0References12
Metasploit
Metasploit
added 2026/06/25 7:5 p.m.125 views

SMB to Meterpreter Upgrade via PsExec

Upgrades an authenticated SMB session to a Meterpreter session using PsExec techniques. This module uploads a service-wrapped executable payload to the ADMIN$ share via the existing authenticated SMB connection, then creates and starts a Windows service that executes the payload. This mirrors the...

6AI score
Exploits0
NVD
NVD
added 2026/06/23 1:16 p.m.12 views

CVE-2023-54365

Traefik before 2.10.5 and 3.0.0-beta4 is affected by a denial-of-service vulnerability in HTTP/2 request handling inherited from the Go standard library's HTTP/2 implementation CVE-2023-44487 / CVE-2023-39325, the 'Rapid Reset' technique. A remote attacker can rapidly create and cancel HTTP/2...

8.7CVSS0.00562EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2026/06/05 3:5 p.m.64 views

exploit-technique

No d...

5.4AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/05 12:33 p.m.28 views

New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework

Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 where "OP" stands for "opponent" that has been observed targeting Microsoft Internet Information Services IIS servers to deploy a bespoke web shell framework. ReliaQuest has assessed with moderate to hi...

6AI score
Exploits0
OSV
OSV
added 2026/06/02 2:15 p.m.9 views

EEF-CVE-2026-48861 CRLF injection in HTTP/1 request line via unvalidated method in Mint

Summary Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in elixir-mint Mint allows HTTP Request Splitting and HTTP Request Smuggling. In lib/mint/http1/request.ex, the encoderequestline/2 function splices the caller-supplied method and target arguments directly into the...

2.1CVSS6AI score0.00166EPSS
Exploits0References4
Krebs on Security
Krebs on Security
added 2026/06/01 5:32 p.m.16 views

Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts

The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how to trick Meta's "AI support assistant" bot into resetting...

5.9AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2026/06/01 9:30 a.m.20 views

Websites Can Now Spy on You Through Your Hard Drive

Thanks to the newly detailed FROST technique, telltale SSD activity can be measured in the browser using simple JavaScript...

5.8AI score
Exploits0
Snyk
Snyk
added 2026/05/31 9:0 p.m.10 views

Malicious Package

Overview @cloudplatform-single-spa/cloudia is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/05/31 9:0 p.m.7 views

Malicious Package

Overview @cloudplatform-single-spa/managed-identities is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that...

9.8CVSS5.9AI score
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/28 12:0 a.m.40 views

Automatically Attacking Software Reverse Engineering AI Agents

Software tools for reverse engineering executable binary files, such as Ghidra, enable malware analysts to safely conduct robust static analysis without having access to original source code. Coupled with the analytic power of large language models LLM, agentic systems enabled with tools, such as...

5.9AI score
Exploits0
GithubExploit
GithubExploit
added 2026/05/25 11:46 p.m.78 views

-authencesn-poc

authencesn-poc Mrowl made by c0redev https://unitdev.run...

5.8AI score
Exploits0
Cvelist
Cvelist
added 2026/05/25 2:15 p.m.22 views

CVE-2018-25379 Collectric CMU 1.0 SQL Injection via lang Parameter

Collectric CMU 1.0 contains a boolean-based blind SQL injection vulnerability in the lang parameter that allows unauthenticated attackers to manipulate database queries during authentication. Attackers can inject SQL code through the lang parameter in login requests to extract sensitive informati...

8.8CVSS0.0039EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/24 5:15 p.m.13 views

Malicious code in vite-plugin-css-blend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a47fa75fbd028d1aca89ca790036f760c76d8e486175505ef4a8f59f33e7c76 The package is published as a Vite CSS plugin but exposes no Vite plugin API. Its documented applyGlobalStylespalette, accents export, when called on...

6AI score
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/05/24 12:0 a.m.9 views

MemMorph: Tool Hijacking in LLM Agents Via Memory Poisoning

LLM-driven agents are capable of selecting external tools to complete users' tasks. However, attackers could compromise such process, steering agents toward inappropriate/wrong tools and enabling malicious actions. Most existing attacks primarily manipulate the tool metadata, which is easily...

5.7AI score
Exploits0
GithubExploit
GithubExploit
added 2026/05/22 10:20 p.m.111 views

cve-researcher

cve-researcher AI-powered CVE research in your terminal —...

10CVSS7.2AI score0.99999EPSS
Exploits351
Rows per page
Query Builder