Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

‘We’re still fighting last decade’s battle’ – Sonatype CTO Brian Fox on the struggle to secure the neglected software supply chain

Open source security expert warns there is still a ‘long road’ ahead to prepare for the next attack wave

PortSwigger
Open in Source
#vulnerability#web#mac#git#java#intel#backdoor#log4j#zero_day
CVE-2022-34983: scu-captcha

The scu-captcha package in PyPI v0.0.1 to v0.0.4 included a code execution backdoor inserted by a third party.

CVE-2022-34982: eziod

The eziod package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party.

CVE-2022-34981: code execution backdoor · Issue #1 · UPB-SS1/PyCrowdTangle

The PyCrowdTangle package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party.

CVE-2022-34501: code execution backdoor · Issue #2 · Gmiller290488/bin_collection

The bin-collection package in PyPI before v0.1 included a code execution backdoor inserted by a third party.

CVE-2022-34500: bin-collect

The bin-collect package in PyPI before v0.1 included a code execution backdoor inserted by a third party.

CVE-2022-34509: code execution backdoor · Issue #1 · tford9/Wiki-Faces-Downloader

The wikifaces package in PyPI v1.0 included a code execution backdoor inserted by a third party.

OctoBot WebInterface 0.4.3 Remote Code Execution

OctoBot WebInterface version 0.4.3 suffers from a remote code execution vulnerability.

Mysterious, Cloud-Enabled macOS Spyware Blows Onto the Scene

The CloudMensis spyware, which can lift reams of sensitive information from Apple machines, is the first Mac malware observed to exclusively rely on cloud storage for C2 activities.

Cybercrime Group TA4563 Targets DeFi Market With Evolving Evilnum Backdoor

The cyber campaign, aimed at siphoning funds, uses an improved version of the malware, which can adjust infection paths based on recognized antivirus software.