47 matches found
Malicious code in sf-silly-goose-requests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d1b2d16ce881d1e9b356ed424f8144ce9324d09010efa8761ad13ac8a46e7b60 Package uses trufflehog to detect secrets and exfiltrates them to a hardcoded location --- Category: MALICIOUS - The campaign has clearly malicious intent, lik...
MAL-2026-5184 Malicious code in sf-silly-goose-requests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d1b2d16ce881d1e9b356ed424f8144ce9324d09010efa8761ad13ac8a46e7b60 Package uses trufflehog to detect secrets and exfiltrates them to a hardcoded location --- Category: MALICIOUS - The campaign has clearly malicious intent, lik...
CVE-2026-41506 vulnerabilities
Vulnerabilities for packages: trivy, nuclei, gitlab-runner, scorecard, mapotf-fips, kubescape-server, grafana, kaniko-fips, google-osconfig-agent, redpanda-console, gitea, flux-fips, kubescape, guac, snyk-cli, argo-workflows-fips, argocd-image-updater, grype, argo-workflows, bom, cloudbeat-fips,...
CVE-2026-32952 vulnerabilities
Vulnerabilities for packages: k6, gitea, telegraf, openbao, cert-manager, external-secrets-operator, yunikorn-k8shim, percona-server-mongodb-operator, teleport, kyverno, rancher-agent, cert-manager-istio-csr, rclone, minio, gitlab-runner, opentofu, rancher, grafana, dex, flux-source-controller,...
GHSA-PJCQ-XVWQ-HHPJ vulnerabilities
Vulnerabilities for packages: k6, gitea, telegraf, openbao, cert-manager, external-secrets-operator, yunikorn-k8shim, percona-server-mongodb-operator, teleport, kyverno, rancher-agent, cert-manager-istio-csr, rclone, minio, gitlab-runner, opentofu, rancher, grafana, dex, flux-source-controller,...
GHSA-PJCQ-XVWQ-HHPJ vulnerabilities
Vulnerabilities for packages: cert-manager-csi-driver, nuclei, cert-manager-cmctl, gitlab-runner, grafana, cert-manager-istio-csr-fips, elastic-agent, gitea, flux-fips, frp, rclone-fips, cloudbeat, seaweedfs-rocksdb, openbao-fips, cloudbeat-fips, external-secrets-fips, beats, rancher-webhook-fips...
CVE-2026-32952 vulnerabilities
Vulnerabilities for packages: cert-manager-csi-driver, nuclei, cert-manager-cmctl, gitlab-runner, grafana, cert-manager-istio-csr-fips, elastic-agent, gitea, flux-fips, frp, rclone-fips, cloudbeat, seaweedfs-rocksdb, openbao-fips, cloudbeat-fips, external-secrets-fips, beats, rancher-webhook-fips...
GHSA-Q9HV-HPM4-HJ6X vulnerabilities
Vulnerabilities for packages: gptscript, vcluster, wolfictl, pulumi-language-dotnet, boring-registry, docker, pulumi-kubernetes-operator, rclone, opentofu, argo-rollouts, datadog-agent, flux-kustomize-controller, cerbos, cilium-cli, crossplane-provider-aws-sns, crossplane-provider-aws-elasticache...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: gptscript, vcluster, wolfictl, pulumi-language-dotnet, boring-registry, docker, pulumi-kubernetes-operator, rclone, opentofu, argo-rollouts, datadog-agent, flux-kustomize-controller, cerbos, cilium-cli, crossplane-provider-aws-sns, crossplane-provider-aws-elasticache...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: trivy, reports-server, datadog-agent, nuclei, cert-manager-cmctl, crossplane-provider-azure-managedidentity, terragrunt, livekit-cli, atlantis, gitlab-runner, crossplane-provider-aws-cloudwatchlogs-fips, scorecard, crossplane-provider-aws-route53-fips,...
GHSA-FW7P-63QQ-7HPR vulnerabilities
Vulnerabilities for packages: juicefs, gitea, dgraph, timestamp-authority, telegraf, kine, openbao, kubeflow-pipelines, crossplane-provider-sql, caddy, wolfictl, loki, dbmate, kyverno, step-issuer, openfga, age, envoy-gateway, grafana-alloy, minio, jitsucom-bulker, rekor, hydra,...
How Security Tool Misuse Is Reshaping Cloud Compromise
Key Takeaways Legitimate secret-scanning tools such as TruffleHog have been operationalized in real-world cloud attack campaigns. Attack progression commonly follows a repeatable sequence: credential discovery, live validation, permission enumeration, and data access. Exposed long-lived access ke...
CVE-2026-26958 vulnerabilities
Vulnerabilities for packages: juicefs, gitea, dgraph, timestamp-authority, telegraf, kine, openbao, kubeflow-pipelines, crossplane-provider-sql, caddy, wolfictl, loki, dbmate, kyverno, step-issuer, openfga, age, envoy-gateway, grafana-alloy, minio, jitsucom-bulker, rekor, hydra,...
CVE-2026-26958 vulnerabilities
Vulnerabilities for packages: reports-server, nuclei, caddy, fulcio, loki, terragrunt, step-issuer, ory-kratos, aactl, elastic-agent, percona-xtradb-cluster-operator, gitea, envoy-gateway-fips, db-operator, prometheus-mysqld-exporter-fips, temporal-server, openfga, flux-kustomize-controller-fips,...
TruffleHog, Fade In and BSAFE Crypto-C vulnerabilities
Cisco Talos' Vulnerability Discovery & Research team recently disclosed three vulnerabilities in Dell BSAFE, two in Fade In screenwriting software, and one in Trufflehog. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco 's...
SUSE CVE-2025-41390
An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially crafted repository can lead to a arbitrary code execution. An attacker can provide a malicious respository to trigger this vulnerability...
CVE-2025-41390
A flaw was found in the git functionality of TruffleHog. Scanning a specially crafted git repository copied file-for-file, such as via tar, cp, rsync or other tools, with a malicious core.fsmonitor configuration option specified in the .git/config file can cause arbitrary code execution. Mitigati...
EUVD-2025-35053
An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially crafted repository can lead to a arbitrary code execution. An attacker can provide a malicious respository to trigger this vulnerability...
CVE-2025-41390
An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially crafted repository can lead to a arbitrary code execution. An attacker can provide a malicious respository to trigger this vulnerability...
Unsafe Dependency Resolution
Overview Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the core.fsmonitor configuration option in the .git/config file. An attacker can execute arbitrary code by convincing a user or tool to scan a specially crafted repository that contains a malicious...