Lucene search
K

27 matches found

HackRead
HackRead
added 2026/05/08 8:51 p.m.9 views

Fake macOS Troubleshooting Sites Used to Steal iCloud Data in ClickFix Scam

Microsoft researchers warn of a new ClickFix campaign targeting macOS with fake guides on Medium and Craft to deploy AMOS and SHub Stealer via Terminal commands...

5.8AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/05/06 3:20 p.m.14 views

ClickFix campaign uses fake macOS utilities lures to deliver infostealers

In this article 1. Activity overview 2. Mitigation and protection guidance 3. Hunting queries 4. Indicators of compromise Microsoft researchers continue to observe the evolution of an infostealer campaign distributing ClickFix‑style instructions and targeting macOS users. In this recent iteration...

6.3AI score
Exploits0
CVE
CVE
added 2026/03/30 12:0 a.m.7 views

CVE-2026-30308

CVE-2026-30308 affects HAI Build Code Generator's automatic terminal command execution feature. The tool offers two options: Execute safe commands or Execute all commands. The root cause is prompt-injection-based bypass: an attacker can wrap a malicious command in a generic template and mislead t...

9.8CVSS6AI score0.00512EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/03/30 12:0 a.m.6 views

SakaDev 安全漏洞

SakaDev is an AI-driven software development assistant developed by Rahman Azhar. SakaDev has a security vulnerability, which stems from defects in the design of automatic terminal command execution. This vulnerability makes it susceptible to prompt injection attacks, potentially allowing arbitra...

9.8CVSS5.9AI score0.00678EPSS
Exploits0References3
CVE
CVE
added 2026/03/27 12:0 a.m.8 views

CVE-2026-30304

AI Code’s CVE-2026-30304 stems from its design that auto-executes commands deemed safe while requiring approval for potentially destructive ones. Multiple trusted sources describe a prompt-injection flaw: an attacker can wrap malicious commands in a generic template and fool the model into classi...

9.6CVSS6.1AI score0.00435EPSS
Exploits0References2Affected Software1
The Hacker News
The Hacker News
added 2026/03/16 11:41 a.m.4 views

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

Three different ClickFix campaigns have been found to act as a delivery vector for the deployment of a macOS information stealer called MacSync. "Unlike traditional exploit-based attacks, this method relies entirely on user interaction – usually in the form of copying and executing commands –...

6.3AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-43133

Malicious code in bioql PyPI...

9.2CVSS6.6AI score0.00491EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-2685

Malicious code in bioql PyPI...

9.3CVSS6.5AI score0.00491EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2025/09/20 7:7 a.m.8 views

LastPass Warns of Fake Repositories Infecting macOS with Atomic Infostealer

LastPass is warning of an ongoing, widespread information stealer campaign targeting Apple macOS users through fake GitHub repositories that distribute malware-laced programs masquerading as legitimate tools. "In the case of LastPass, the fraudulent repositories redirected potential victims to a...

6.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/06 2:28 a.m.14 views

CVE-2025-22275

iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. This can occur for certain it2ssh and SSH Integration configurations, during remote logins to hosts that have a common Python...

9.3CVSS6.7AI score0.00491EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/03 12:0 a.m.20 views

CVE-2025-22275

iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. This can occur for certain it2ssh and SSH Integration configurations, during remote logins to hosts that have a common Python...

9.3CVSS0.00491EPSS
Exploits0References3
OSV
OSV
added 2024/10/22 8:58 p.m.4 views

CVE-2024-48919 RCE via Prompt Injection Into Cursor's Terminal Cmd-K

Cursor is a code editor built for programming with AI. Prior to Sep 27, 2024, if a user generated a terminal command via Cursor's Terminal Cmd-K/Ctrl-K feature and if the user explicitly imported a malicious web page into the Terminal Cmd-K prompt, an attacker with control over the referenced web...

9.2CVSS7.9AI score0.00491EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/22 12:0 a.m.2 views

Cursor 输入验证错误漏洞

Cursor is an AI code editor from the Cursor open source. An input validation error vulnerability exists in versions prior to Cursor 20240927, which stems from the fact that if a user generates terminal commands via Cursor's Terminal Cmd-K/Ctrl-K functionality, an attacker could potentially...

9.2CVSS7.3AI score0.00491EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/22 12:0 a.m.6 views

PT-2024-33268 · Cursor · Cursor

Name of the Vulnerable Software and Affected Versions: Cursor versions prior to 0.42 Description: The issue allows an attacker with control over a malicious web page to influence a language model to output arbitrary commands for execution in the user's terminal. This scenario requires the user to...

9.2CVSS7.4AI score0.00491EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/10/26 12:0 a.m.4 views

PT-2023-27086 · Mintty · Mintty

Name of the Vulnerable Software and Affected Versions: Mintty versions 3.6.4 and earlier Description: An issue in Mintty allows a remote attacker to execute arbitrary code via crafted commands to the terminal. Recommendations: For Mintty versions 3.6.4 and earlier, update to a version later than...

9.8CVSS8.2AI score0.01033EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/11/02 4:34 p.m.4 views

rubygem-rack: crafted requests can cause shell escape sequences

A flaw was found in ruby gem-rack. This flaw allows a malicious actor to craft requests that can cause shell escape sequences to be written to the terminal via rack's Lint middleware and CommonLogger middleware. This issue can leverage these escape sequences to execute commands in the victim's...

10CVSS6.8AI score0.01801EPSS
Exploits0References5
OSV
OSV
added 2022/03/17 12:15 p.m.28 views

PYSEC-2022-165

The package guake before 3.8.5 are vulnerable to Exposed Dangerous Method or Function due to the exposure of executecommand and executecommandbyuuid methods via the d-bus interface, which makes it possible for a malicious user to run an arbitrary command via the d-bus method. Note: Exploitation...

8CVSS3.8AI score0.01113EPSS
Exploits1References6
Packet Storm
Packet Storm
added 2021/05/04 12:0 a.m.384 views

GravCMS 1.10.7 Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GravCMS Remote Command Execution', 'Description' = %q This module exploits arbitrary config write/update vulnerability to achieve remote code...

7.5CVSS0.4AI score0.80467EPSS
Exploits12
Huntr
Huntr
added 2020/12/21 12:0 a.m.7 views

Prototype Pollution in bonnevoyager/nested-objects-util

Description nested-objects-util is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: // poc.js var unflatten = require"nested-objects-util" console.log"Before : " + .polluted; unflatten"proto.polluted": "Yes! Its Polluted" console.log"After : " + .polluted; 2...

2.1AI score
Exploits0
OSV
OSV
added 2020/05/19 4:15 p.m.12 views

CVE-2020-11807

Because of Unrestricted Upload of a File with a Dangerous Type, Sourcefabric Newscoop 4.4.7 allows an authenticated user to execute arbitrary PHP code and sometimes terminal commands on a server by making an avatar update and then visiting the avatar file under the /images/ path...

7.8CVSS7.5AI score
Exploits0References2
Rows per page
Query Builder