Lucene search
K

82 matches found

HackRead
HackRead
added 2026/03/25 10:34 a.m.7 views

TeamPCP Hits Trivy, Checkmarx, and LiteLLM in Credential Theft Campaign

Hackers compromised Trivy, Checkmarx, and LiteLLM in a supply chain attack, stealing cloud credentials, tokens, and crypto wallet data from developers...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/23 9:41 a.m.7 views

Malicious code in license-utils-kit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 eb0116c55754c947c819c966f213a99864511536a414619cf3154b89be59f9e8 Malicious clone of legitimate "license" package. When using the findbykey function, the malicious code from strongly obfuscated files is loaded. It then at lea...

6AI score
Exploits0References4
Malwarebytes
Malwarebytes
added 2026/03/16 5:15 p.m.8 views

Hacked sites deliver Vidar infostealer to Windows users

In recent years, ClickFix and fake CAPTCHA techniques have become a popular way for cybercriminals to distribute malware. Instead of exploiting a technical vulnerability, these attacks rely on convincing people to run malicious commands themselves. Our researchers have recently detected a campaig...

6AI score
Exploits0
Securelist
Securelist
added 2026/02/19 11:0 a.m.10 views

Arkanix Stealer: a C++ & Python infostealer

Introduction In October 2025, we discovered a series of forum posts advertising a previously unknown stealer, dubbed "Arkanix Stealer" by its authors. It operated under a MaaS malware-as-a-service model, providing users not only with the implant but also with access to a control panel featuring...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/02/17 12:42 p.m.9 views

SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer

Cybersecurity researchers have disclosed details of a new SmartLoader campaign that involves distributing a trojanized version of a Model Context Protocol MCP server associated with Oura Health to deliver an information stealer known as StealC. "The threat actors cloned a legitimate Oura MCP Serv...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/16 3:39 p.m.7 views

Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data

Cybersecurity researchers have discovered a new malicious NuGet package that typosquats and impersonates the popular .NET tracing library and its author to sneak in a cryptocurrency wallet stealer. The malicious package, named "Tracer.Fody.NLog," remained on the repository for nearly six years. I...

6.8AI score
Exploits0
Snyk
Snyk
added 2025/12/16 10:46 a.m.4 views

Malicious Package

Overview Tracer.Fody.NLog is a malicious package. This package contains malicious code, and masquerades as a legitimate Tracer.Fody NLog adapter by typosquatting the real Tracer.Fody package and its maintainer. Instead of providing tracing functionality, it embeds hidden malware that scans for...

9.8CVSS6.8AI score
Exploits0References2
OSV
OSV
added 2025/11/19 5:55 a.m.3 views

MAL-2025-191157 Malicious code in cline-ai-main.cline-ai-agent (VSCode)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 04aeefbf39e1e9157280b91899a141e4f4c6619d434c594e4a2d3bf43883dbe6 This extension is malicious. When installed it runs an info stealer that exfiltrates user data including credentials and cryptocurrency...

6.9AI score
Exploits0References1
GithubExploit
GithubExploit
added 2025/10/23 4:11 a.m.133 views

stealer

Stealer C stealer Chrome, Opera ,Chromium ,Edg...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/31 8:37 a.m.4 views

Malicious code in backtradingbot (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 117c24f5b7a0f5e4921e4478231a717ecca01748a5b266d8984e619f06173984 Running the installed entry point downloads and executes remote code. During the analysis, the code was switching to websockets, adding a startup script and...

7.1AI score
Exploits0References2
HackRead
HackRead
added 2025/06/19 7:29 p.m.8 views

Banana Squad Hides Data-Stealing Malware in Fake GitHub Repositories

Banana Squad hid data-stealing malware in fake GitHub repos posing as Python tools, tricking users and targeting sensitive info like browser and wallet data...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 10:20 a.m.7 views

CVE-2019-15947

In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user's wallet.dat file, including their private keys, via a grep "6231 0500" command...

7.5CVSS6.6AI score0.0139EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/05/05 5:39 a.m.14 views

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

The threat actors known as Golden Chickens have been attributed to two new malware families dubbed TerraStealerV2 and TerraLogger, suggesting continued development efforts to fine-tune and diversify their arsenal. "TerraStealerV2 is designed to collect browser credentials, cryptocurrency wallet...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/21 10:35 a.m.5 views

Researchers Discover Numerous Samples of Information Stealer 'Stealc' in the Wild

A new information stealer called Stealc that's being advertised on the dark web could emerge as a worthy competitor to other malware of its ilk. "The threat actor presents Stealc as a fully featured and ready-to-use stealer, whose development relied on Vidar, Raccoon, Mars, and RedLine stealers,"...

6AI score
Exploits0
CNNVD
CNNVD
added 2023/02/07 12:0 a.m.3 views

Ravencoin 安全漏洞

Ravencoin is an experimental digital currency open-sourced by RavenProject that allows instant payments to anyone, anywhere in the world. A security vulnerability exists in Ravencoin Core 4.3.2.1 and earlier versions, which stems from an issue in src/wallet/wallet.cpp that can be exploited by an...

7.5CVSS7.3AI score0.00804EPSS
Exploits1References5
The Hacker News
The Hacker News
added 2023/01/30 11:26 a.m.3 views

Titan Stealer: A New Golang-Based Information Stealer Malware Emerges

A new Golang-based information stealer malware dubbed Titan Stealer is being advertised by threat actors through their Telegram channel. "The stealer is capable of stealing a variety of information from infected Windows machines, including credential data from browsers and crypto wallets, FTP...

6.5AI score
Exploits0
HackRead
HackRead
added 2022/02/20 6:30 p.m.15 views

Kraken botnet bypass Windows Defender to steal crypto wallet data

By Deeba Ahmed Kraken botnet utilizes SmokeLoader malware, and its operators have already been raking in around $3,000 per month. ZeroFox… This is a post from HackRead.com Read the original post: Kraken botnet bypass Windows Defender to steal crypto wallet data...

4.3AI score
Exploits0
HackRead
HackRead
added 2021/12/06 8:38 p.m.18 views

Fake KPSPico Windows activator tool KPSPico steals crypto wallet data

By Waqas Watch out for fake and malicious KMSPico Windows activator used in spreading CrypBot malware to steal crypto wallets' data. This is a post from HackRead.com Read the original post: Fake KPSPico Windows activator tool KPSPico steals crypto wallet data...

2.6AI score
Exploits0
OSV
OSV
added 2020/12/17 1:10 p.m.7 views

MGASA-2020-0458 Updated bitcoin packages fix security vulnerabilities

Multiple vulnerabilities have been discovered in Bitcoin. In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user's wallet.dat file, including their privat...

7.5CVSS7.7AI score0.03389EPSS
Exploits0References3
Brave Browser
Brave Browser
added 2020/10/26 1:3 a.m.9 views

Brave Android 1.16.68 Security Fixes

Fixed file-path for cookies as reported on HackerOne by kanytu. - Encrypted private wallet data preferences for Brave Rewards...

5.8AI score
Exploits0References3Affected Software1
Rows per page
Query Builder