Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

CVE-2022-41386: democritus-urls

The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0.

CVE
Open in Source
#backdoor
CVE-2022-41385: d8s-html

The d8s-html package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0.

CVE-2022-42038: code execution backdoor · Issue #14 · democritus-project/d8s-ip-addresses

The d8s-ip-addresses package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0.

CVE-2022-42037: code execution backdoor · Issue #9 · democritus-project/d8s-asns

The d8s-asns package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0.

CVE-2022-42042: d8s-networking

The d8s-networking package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hashes package. The affected version is 0.1.0.

CVE-2022-42044: code execution backdoor · Issue #4 · dadadadada111/info

The d8s-asns package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-html package. The affected version is 0.1.0.

CVE-2022-42043: code execution backdoor · Issue #5 · dadadadada111/info

The d8s-xml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-html package. The affected version is 0.1.0.

BazarCall Callback Phishing Attacks Constantly Evolving Its Social Engineering Tactics

The operators behind the BazaCall call back phishing method have continued to evolve with updated social engineering tactics to deploy malware on targeted networks. The scheme eventually acts as an entry point to conduct financial fraud or the delivery of next-stage payloads such as ransomware, cybersecurity company Trellix said in a report published last week. Primary targets of the latest

Zoom Phishing Scam Steals Microsoft Exchange Credentials

By Deeba Ahmed The phishing email, which was marked as safe by Microsoft, was aimed at 21,000 users of a national healthcare firm. This is a post from HackRead.com Read the original post: Zoom Phishing Scam Steals Microsoft Exchange Credentials

Researchers Detail Malicious Tools Used by Cyberespionage Group Earth Aughisky

A new piece of research has detailed the increasingly sophisticated nature of the malware toolset employed by an advanced persistent threat (APT) group named Earth Aughisky. "Over the last decade, the group has continued to make adjustments in the tools and malware deployments on specific targets located in Taiwan and, more recently, Japan," Trend Micro disclosed in a technical profile last week