Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT

Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan's Ministry of Finance with an open-source remote access trojan called Xeno RAT. "The campaign opens with a spear phishing delivery - a ZIP...

Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various encrypted remote access trojan RATs payloads that correspond to XWorm, AsyncRAT, and Xeno RAT. The stealthy attack chain has been codenamed VOIDGEIST by...

Fake Xeno and Roblox Utilities Used to Install Windows RAT, Microsoft Warns

Fake Xeno and Roblox gaming tools are spreading a Windows RAT remote access trojan using PowerShell and LOLBins, Microsoft Threat Intelligence warns...

Malicious code in xeno-executor (npm)

The package xeno-executor was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

MAL-2025-39623 Malicious code in xeno-executor (npm)

The package xeno-executor was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

Malicious code in xeno-code (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d4584c129d15f1b447b33ff8077afcf4b79d34b44dd6c9752ffa9a028790f9bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5990 Malicious code in xeno-code (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d4584c129d15f1b447b33ff8077afcf4b79d34b44dd6c9752ffa9a028790f9bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in xeno-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3794b70c9005dec3c935f978a1bcb31199dd1f01b1bf35a10bc9bd134ba82ef6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2436 Malicious code in xeno-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3794b70c9005dec3c935f978a1bcb31199dd1f01b1bf35a10bc9bd134ba82ef6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in xeno.dll (npm)

This package uses obfuscation to hide that its downloading a malicious binary from an attacker-controlled domain --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8903fab539c0352f278ee3116807f48f52403f7e26b855fe9d68c3328012200d Any computer that has this package...

Malicious code in xeno-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 388f6e19c676bafc11f44e7609b56a922f80263a992ec95da08a18901aae51e6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-12061 Malicious code in xeno-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 388f6e19c676bafc11f44e7609b56a922f80263a992ec95da08a18901aae51e6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

North Korean Hackers Deploy New MoonPeak Trojan in Cyber Campaign

A new remote access trojan called MoonPeak has been discovered as being used by a state-sponsored North Korean threat activity cluster as part of a new campaign. Cisco Talos attributed the malicious cyber campaign to a hacking group it tracks as UAT-5394, which it said exhibits some level of...

Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus

Microsoft has revealed two security flaws in Rockwell Automation PanelView Plus that could be weaponized by remote, unauthenticated attackers to execute arbitrary code and trigger a denial-of-service DoS condition. "The remote code execution vulnerability in PanelView Plus involves two custom...

Xeno RAT Open-Source Trojan Sparks Alarm

Summary: The Xeno RAT, a remote access trojan RAT available on GitHub, has gained attention in the threat landscape due to its open-source nature. This C-based malware is compatible with both Windows 10 and 11, specifically targeting consumers by presenting itself as disguised binaries that...

Open-Source Xeno RAT Trojan Emerges as a Potent Threat on GitHub

An "intricately designed" remote access trojan RAT called Xeno RAT has been made available on GitHub, making it easily accessible to other actors at no extra cost. Written in C and compatible with Windows 10 and Windows 11 operating systems, the open-source RAT comes with a "comprehensive set of...

xeno-canto.org Cross Site Scripting vulnerability OBB-3645596

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

xeno-canto.org Cross Site Scripting vulnerability OBB-1216142

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

xeno-gaming.co.uk Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1152928 Security Researcher Papix2020 Helped patch 18 vulnerabilities Received 1 Coordinated Disclosure badges Received 2 recommendations , a holder of 1 badges for responsible and coordinated disclosure, found a security vulnerability affecting xeno-gaming.co.uk website a...

xeno-canto.org XSS vulnerability

Vulnerable URL: http://www.xeno-canto.org/species/Cinclodes-olrogi/"--!" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 134960 VIP website status:| No Check xeno-canto.org SSL...