28 matches found
Microsoft’s Retired IE Tool MSHTA Now Being Used in Fileless Malware Attacks
Despite Internet Explorer’s retirement, hackers are abusing the legacy MSHTA utility in stealthy fileless malware attacks targeting Windows users...
Stealit Malware Using Node.js to Hide in Fake Game and VPN Installers
Fortinet warns of Stealit, a MaaS infostealer, now targeting Windows systems and evading detection by using Node.js’s SEA feature while hiding in fake game and VPN installers...
New LockBit 5.0 Targets Windows, Linux, ESXi
Trend™ Research analyzed source binaries from the latest activity from notorious LockBit ransomware with their 5.0 version that exhibits advanced obfuscation, anti-analysis techniques, and seamless cross-platform capabilities for Windows, Linux, and ESXi systems...
MAL-2025-47453 Malicious code in sisaws (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 0cc916986327ca493d55160fe841e48b756a40e030f59880874386e9e1e8a148 This package installs the SilentSync remote access trojan and allows remote code execution and data exfiltration. Windows machines are...
Malicious code in secmeasure (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security f566db2e1359b455ca36524d9c066854754e71ac92deca9706f69d3d71cc8414 This package installs the SilentSync remote access trojan and allows remote code execution and data exfiltration. Windows machines are...
Exploit for Integer Overflow or Wraparound in Whatsapp
MailEnable CVE-2022-36934 Exploit Module !Metasploithttps:...
Dicoogle PACS Web Server Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Dicoogle PACS Web Server Directory Traversal', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in th...
`tauri-win-rt-notification` was removed from crates.io for malicious code
This crate was part of a typosquatting malware cluster published by the user gabielle55131 to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer...
Exploit for Incorrect Comparison in Dynamic-Linq Linq
Dynamic Linq injection to RCE - CVE-2023-32571 About Dynami...
Exploit for Deserialization of Untrusted Data in Apache Activemq
CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ This exploit...
Metasploit Wrap-Up
Word and Javascript are a rare duo. Thanks to thesunRider. you too can experience the wonder of this mystical duo. The sole new metasploit module this release adds a file format attack to generate a very special document. By utilizing Javascript embedded in a Word document to trigger a chain of...
Target Credential Status by Authentication Protocol - Valid Credentials Provided
Nessus was able to determine that valid credentials were provided for an authentication protocol available on the remote target because it was able to successfully authenticate directly to the remote target using that authentication protocol at least once. Authentication was successful because th...
Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool
The APT known as TA410 has added a modular remote-access trojan RAT to its espionage arsenal, deployed against Windows targets in the United States’ utilities sector. According to researchers at Proofpoint, the RAT, called FlowCloud, can access installed applications and control the keyboard,...
Security Bulletin: IBM Tivoli Application Dependency Discovery Manager (TADDM) could expose password hashes stored in system memory on target Windows systems that are discovered by TADDM
Summary IBM Tivoli Application Dependency Discovery Manager TADDM requires a local service account to communicate with Windows servers targets via WMI. WMI caches the password hash in memory on each target Windows system when using certain authentication methods. By TADDM design, and according to...
shadowbroker-1
This repository, fengzihk/shadowbroker-1, contains a collection of exploits and tools leaked by the Shadow Brokers, a group known for releasing sensitive information. The repository includes a README file that lists various exploits, such as EARLYSHOVEL, EBBISLAND, ECHOWRECKER, EASYBEE, and...
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2019-2642)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Dicoogle PACS 2.5.0 Web Server Directory Traversal Exploit
This module exploits an unauthenticated directory traversal vulnerability in the Dicoogle PACS Web Server v2.5.0 and possibly earlier, allowing an attacker to read arbitrary files with the web server privileges. While the application is java based, the directory traversal was only successful...
Dicoogle PACS Web Server Directory Traversal
This module exploits an unauthenticated directory traversal vulnerability in the Dicoogle PACS Web Server v2.5.0 and possibly earlier, allowing an attacker to read arbitrary files with the web server privileges. While the application is java based, the directory traversal was only successful...
Target Credential Issues by Authentication Protocol - No Issues Found
Valid credentials were provided for an authentication protocol on the remote target and Nessus did not log any subsequent errors or failures for the authentication protocol. When possible, Nessus tracks errors or failures related to otherwise valid credentials in order to highlight issues that ma...
Target Credential Status by Authentication Protocol - Failure for Provided Credentials
Nessus failed to successfully authenticate directly to the remote target on an available authentication protocol. Nessus was able to connect to the remote port and identify that the service running on the port supports an authentication protocol, but Nessus failed to authenticate to the remote...