5374 matches found
MAL-2023-2370 Malicious code in webscoket-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx f530965bce1e4ba06dd3872b9ff8ba2d8332c426ce5f72f3d5bebd3370fd4901 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-2417 Malicious code in wesocket-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 7eadcb411e8d5861ac9390ee335fc77fb5ac4eab3d83c72290380c882bad7624 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in websocket-clinet (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 6638db5357088a77a9ccb3e2f2754c8ba7c10746f703e3ae4b586548318faeef Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in websocekt-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 166b4c5ab30ebff656594ee070f13b90d9f7210ebb072eb3cb3627a198c8ec30 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in websocet-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx def6cdda3e16e392e575914ced25e522c3bcb3ca50d8228652a805cc7ee4ae51 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in websocket-clietn (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 81783882612ba7b6fae545c40b498a476222def4eab8e8b779ff41cefcb93e3d Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-2385 Malicious code in websocket-clieent (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 4feae31dcf666a30e8848da752d72614ca03bd3c60eedb2f69a4de43eb9f7560 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in websocke-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 5faa944bbc2b25316c377963c3a5db62a519e24c7eae9387a841b8cb137b36b5 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-2362 Malicious code in webbsocket-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 72a6a6ad23d9e1606f946a818154ebb20f3b649d47e7094f7854e0ee3b4016c2 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in weboscket-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 2cc6bfd099608112cc4fae288c5acdc5d9c5a18dbad3be61e20e1b35dcf98f50 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in websocket-cleint (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx b95022cf171781e9a5b50900b78390fa8ba1d016e8c2e34ff9e7fbf2d900ceed Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in webscket-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 6c8716d958d7a19a4e59c03eac34c6d8338493b88fb15fd0440025fcbce59c34 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-2368 Malicious code in webscket-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 6c8716d958d7a19a4e59c03eac34c6d8338493b88fb15fd0440025fcbce59c34 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in websockt-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 69c7aefbf467766ec8bbb120d81bb6f61491564fa89b81d0d42be3c249bfae27 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in websocket-clint (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx e2ed5b9c8a0271395a5e0407624dd18f8b28071aee5588b73ad595d0d126499a Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-2392 Malicious code in websocket-clint (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx e2ed5b9c8a0271395a5e0407624dd18f8b28071aee5588b73ad595d0d126499a Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-2410 Malicious code in websoockets (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 84161e76180093fa447348194b51b36a5f7acbb20aad7020cf86eb735ff827a6 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Regular Expression Denial of Service (ReDoS)
Overview deno is an a simple, modern and secure runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS due to the upgradeWebSocket function, which contains regexes in the form of /s,s/...
USN-5824-1: Thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...
PY#RATION: New Python-based RAT Uses WebSocket for C2 and Data Exfiltration
Cybersecurity researchers have unearthed a new attack campaign that leverages a Python-based remote access trojan RAT to gain control over compromised systems since at least August 2022. "This malware is unique in its utilization of WebSockets to avoid detection and for both command-and-control C...