Lucene search
K

6654 matches found

Amazon
Amazon
added 6 days ago6 views

Important: docker

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5CVSS7.5AI score0.00939EPSS
Exploits0
Amazon
Amazon
added 6 days ago5 views

Important: docker

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5CVSS7.5AI score0.00939EPSS
Exploits0
The Hacker News
The Hacker News
added 2026/07/06 10:58 a.m.16 views

Suspected China-Nexus Hackers Use Fake Indian Tax Filing Utility to Deploy DcRAT

A suspected China-nexus threat activity cluster has been observed targeting Indian taxpayers, tax professionals, and corporate finance teams to deliver a remote access trojan designed to steal sensitive data from compromised hosts. The multi-stage campaign, codenamed Operation DragonReturn by...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2026/07/06 8:13 a.m.11 views

New Java-Based QuimaRAT MaaS Built to Run on Windows, Linux, and macOS

Cybersecurity researchers have flagged a novel Java-based remote access trojan RAT called QuimaRAT that's capable of targeting Windows, Linux, and macOS environments. According to LevelBlue, the cross-platform malware is advertised under a malware-as-a-service MaaS model, costing anywhere between...

6.3AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/29 12:0 a.m.7 views

Malicious code in ulid-xyz (npm)

ulid-xyz is a typosquat of the popular ulid library sortable unique IDs and is a cross-platform Remote Access Trojan delivered via a postinstall hook. The package.json postinstall superficially looks like an inline node -e guard that checks for the existence of a dist file, but it actually launch...

6AI score
Exploits0References9
OSV
OSV
added 2026/06/29 12:0 a.m.7 views

MAL-2026-6672 Malicious code in ulid-xyz (npm)

ulid-xyz is a typosquat of the popular ulid library sortable unique IDs and is a cross-platform Remote Access Trojan delivered via a postinstall hook. The package.json postinstall superficially looks like an inline node -e guard that checks for the existence of a dist file, but it actually launch...

6.2AI score
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/23 3:50 p.m.11 views

Malicious code in security-alerts-sdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f881805b709189d00bc52dc57c407bfecdae44fb343f92634a301c31525f6b0 Despite advertising itself as a breach-monitoring SDK, this package executes a remote-access trojan and credential harvester against any installer th...

6AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/22 12:0 p.m.9 views

Malicious code in forge-jsx4 (npm)

forge-jsx4 is a remote access trojan RAT published to the public npm registry by the account rafaelsilva [email protected]. Versions 1.0.122 and 1.0.123 were published on June 21-22, 2026 as a reconstitution of the forge-jsx / forge-jsxy campaign, reusing the same command-and-control...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/06/22 12:0 p.m.12 views

MAL-2026-6279 Malicious code in forge-jsx4 (npm)

forge-jsx4 is a remote access trojan RAT published to the public npm registry by the account rafaelsilva [email protected]. Versions 1.0.122 and 1.0.123 were published on June 21-22, 2026 as a reconstitution of the forge-jsx / forge-jsxy campaign, reusing the same command-and-control...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 10:38 a.m.13 views

Malicious code in fastercode (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14de4534d4cf2290f5f54bc5929fa799b73dff2e6a03aa879ade141dfc6ea054 The package advertises itself as a Python performance helper "Make your Python code run faster" and exposes a single public function run. On Windows,...

6AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 4:18 a.m.13 views

Malicious code in pathfix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2527fa3618f01b694722f2a50297c248053dcdabf1b471ee9bdbdc6522bb838 pathfix presents itself as a Stylus port of normalize.css but ships a copy of the unrelated normalize-path module with an appended...

5.9AI score
Exploits0References4
OSV
OSV
added 2026/06/17 4:18 a.m.19 views

MAL-2026-5989 Malicious code in pathfix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2527fa3618f01b694722f2a50297c248053dcdabf1b471ee9bdbdc6522bb838 pathfix presents itself as a Stylus port of normalize.css but ships a copy of the unrelated normalize-path module with an appended...

5.9AI score
Exploits0References4
HackRead
HackRead
added 2026/06/15 10:2 a.m.15 views

Over 50 Android Apps Found Spreading MagicAd Trojan via Official Stores

Over 50 Android apps on official stores spread MagicAd trojan, using system tricks to force background ads even after infected apps are closed...

5.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.18 views

Linux Distros Unpatched Vulnerability : CVE-2026-41567

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a...

7.5CVSS6.4AI score0.00153EPSS
Exploits0References4
OSV
OSV
added 2026/06/05 2:17 a.m.9 views

UBUNTU-CVE-2026-41567

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.5CVSS6AI score0.00153EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/05 12:35 a.m.10 views

CVE-2026-41567

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.5CVSS6AI score0.00153EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/05 12:35 a.m.53 views

CVE-2026-41567 Docker: `PUT /containers/{id}/archive` executes container binary on the host

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.2CVSS0.00153EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 12:35 a.m.1 views

CVE-2026-41567 Docker: `PUT /containers/{id}/archive` executes container binary on the host

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.2CVSS6.6AI score0.00153EPSS
Exploits0References7
The Hacker News
The Hacker News
added 2026/06/03 4:29 p.m.17 views

Google DoubleClick Abused in New Malspam Campaign to Deliver .NET Loader

Cybersecurity researchers have flagged a new malspam campaign that makes use of Google's DoubleClick domain as a way to evade detection and ultimately deliver an unidentified .NET-based loader. "Before the victim ever reaches attacker-controlled infrastructure, the lure routes through DoubleClick...

5.8AI score
Exploits0
Snyk
Snyk
added 2026/06/02 9:0 p.m.12 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that hides inside binary executable files triggered by a postinstall script. IronWorm is a sophisticated, Rust-based infostealer that functions as a self-replicating supply-chain attack. Its primary characteristi...

9.8CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder