QNAP Photo Station XMR Mining Vulnerability (NAS-201705-04)

QNAP Photo Station is prone to a vulnerability related to XMR mining programs. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2017-20210

Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR mining programs identified by internal research...

Malicious code in buffer-xmr (npm)

The package buffer-xmr was found to contain malicious code...

MAL-2025-16295 Malicious code in buffer-xmr (npm)

The package buffer-xmr was found to contain malicious code...

SupremeBot and Mario cross the finish line together

Researchers have reported how popular game installers like Super Mario Games are being used to deliver malware. The malicious components include cryptominers, the SupremeBot mining client, and the open-source Umbral stealer. The game installers route offers some very distinct advantages to the...

Monero: Reentrancy attack in eth-monero atomic swap

A reentrancy vulnerability was found in the eth-xmr atomic swap smart contract, allowing an attacker to drain almost all of the ethers from the smart contract. The vulnerability was fixed in a later version of the smart contract...

Attackers Target ProxyLogon Exploit to Install Cryptojacker

Cryptojacking can be added to the list of threats that face any unpatched Exchange servers that remain vulnerable to the now-infamous ProxyLogon exploit, new research has found. Researchers discovered the threat actors using Exchange servers compromised using the highly publicized exploit...

Black-T Malware Emerges From Cryptojacker Group TeamTNT

Researchers have discovered the latest cryptojacking malware gambit from TeamTNT, called Black-T. The variant builds on the group’s typical approach, with a few new — and sophisticated — extras. TeamTNT is known for its targeting of Amazon Web Services AWS credentials, to break into the cloud and...

Malicious Package in buffer-xmr

Version 2.0.2 contained malicious code. The package targeted the Ethereum cryptocurrency and performed transactions to wallets not controlled by the user. Recommendation Remove the package from your environment. Ensure no Ethereum funds were compromised...

New Threat Actor ‘Rocke’: A Rising Monero Cryptomining Menace

Researchers are warning of a Chinese-language threat actor leveraging a wide array of Git repositories to infect vulnerable systems with Monero-based cryptomining malware. Researchers at Cisco Talos, who discovered the threat actor they call “Rocke”, said they have been tracking the adversary sin...

Monero: Attcker can trick monero wallet into reporting it recived twice as much with alternative tx_keypubs

Summary: multiple identical txpubkeys were patched, but you can still use alternative txpubkeys to get the same result. Description: An attacker can craft an XMR transaction which causes the receiving wallet to report that it received twice as much XMR as the attacker actually sent. The balance o...

VulnCheck KEV: CVE-2017-20210

Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR mining programs identified by internal research...