Lucene search
K

6649 matches found

The Hacker News
The Hacker News
added 2026/05/12 12:50 p.m.14 views

New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots

Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network TON for command-and-control C2. The new variant, observed by ThreatFabric between January and February 2026, has been observed actively targeting banking and cryptocurrency wallet...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/05/08 6:12 p.m.15 views

TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms

Threat hunters have flagged a previously undocumented Brazilian banking trojan dubbed TCLBANKER that's capable of targeting 59 banking, fintech, and cryptocurrency platforms. The activity is being tracked by Elastic Security Labs under the moniker REF3076. The malware family is assessed to be a...

6.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/06 12:0 a.m.13 views

Malicious code in forge-jsxy (npm)

forge-jsxy is a malicious npm package part of the same campaign as forge-jsx. It typosquats the name by appending a 'y' and carries an identical fake description 'Node.js integration layer for Autodesk Forge' to impersonate a legitimate Autodesk Forge SDK. The package is a fully-formed RAT deploy...

6AI score
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/05 6:30 p.m.10 views

Malicious code in gemini-analyzer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1c8996b17229185440fe7523f20f72ea848f3a001baa8946ca80fa6b5d3221ad The package is a RAT performing full exfiltration and executing remote commands through a custom RPC protocol over WebSockets, and eventually establishing a...

6AI score
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/05/04 12:0 a.m.3 views

Reflecthernet: Exfiltrating 100BASE-TX Ethernet Traffic Using a Retroreflector Hardware Trojan

Electromagnetic eavesdropping is a well-established attack vector for remotely monitoring a target activity, most notably displays, over considerable ranges. Other targets have been considered resistant to such attacks or do not exhibit sufficient electromagnetic leakage for practical exploitatio...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/03 8:58 p.m.9 views

MAL-2026-3251 Malicious code in puan31 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 27d04731b8fc3968b624ec2435d48b09d1afffb46fefb44745c2c8ff31bf4855 During import, package automatically starts a connection to a C2 server, exfiltrates information about the host and data like the browser's history and sensiti...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/03 12:30 p.m.9 views

Malicious code in system-update-tool (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4902f753d49279adae969f368b995d1ec8990f506dfb70d9c8891098f657ae9b If run as a module, the code runs code to silently control the device via Telegram bot execute commands, exfiltrate files. --- Category: MALICIOUS - The campai...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/03 3:9 a.m.7 views

Malicious code in timesmcplib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 da06df6b9831a400bbf6f90e6ae20c8633f5ca98f71ca4927cbc0647ec6ccb17 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSV
OSV
added 2026/05/03 3:9 a.m.7 views

MAL-2026-3240 Malicious code in timesmcplib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 da06df6b9831a400bbf6f90e6ae20c8633f5ca98f71ca4927cbc0647ec6ccb17 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/05/03 12:0 a.m.6 views

Trojan Hippo: Weaponizing Agent Memory for Data Exfiltration

Memory systems enable otherwise-stateless LLM agents to persist user information across sessions, but also introduce a new attack surface. We characterize the Trojan Hippo attack, a class of persistent memory attacks that operates in a more realistic threat model than prior memory poisoning work:...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/02 11:20 p.m.9 views

Malicious code in timermcplib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 999846a0fc964a7818742a15f547ddd0b154f6ca559902c048c3f478a681c64c During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSV
OSV
added 2026/05/02 11:20 p.m.6 views

MAL-2026-3239 Malicious code in timermcplib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 999846a0fc964a7818742a15f547ddd0b154f6ca559902c048c3f478a681c64c During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSV
OSV
added 2026/05/02 10:45 p.m.8 views

MAL-2026-3238 Malicious code in timemcplib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 96a6c2c025f60e6c36b5c0c5325d3cd39c3d2a25f693ba82877fa73d87eb3b6f During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/02 3:51 a.m.7 views

Malicious code in currenttimerlib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2c8597070407b25804a26b2e7245768836031c1686a98750599ba2ce1833d4aa During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/02 3:40 a.m.17 views

Malicious code in currenttimerpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ccd5c81889e68b6ae8a0e8ef90b7c3a4dc447b08872ad6ac48ce94804985379d During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/02 12:54 a.m.11 views

Malicious code in as89ufnaisufn (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e21c9860ca710010b7059d9284d8e2665c8163a8f1f351782e1a30f2037ce647 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSV
OSV
added 2026/05/02 12:52 a.m.8 views

MAL-2026-3227 Malicious code in timingmcp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c55706ce911042ace020630f65dc65015cf677b2d5a106ccd3ddba10e90f327f During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSV
OSV
added 2026/05/02 12:50 a.m.12 views

MAL-2026-3228 Malicious code in ziugxfbvo (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 257409f82e56689d4cd8ebe7ac8ae8e09203ecbd7eab311970e4bdeb7be92b05 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/01 12:29 a.m.8 views

Malicious code in bxiucnxcb (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 136aa3924314879404ede1d7153b71b042b3fa55468f0aa1c534e6a18b79e37c During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/30 9:48 p.m.7 views

Malicious code in currentclock (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d1c91399e9fe0c5525eac175fb302553dfca29a3cea2f469e7c9be512629e71c During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
Rows per page
Query Builder