🛡 Cybersecurity & Privacy 🛡 - News
@cibsecurity
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-34057

The Scoptrial package in PyPI version v0.0.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

📖 Read

via "National Vulnerability Database".
198 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-33003

The watools package in PyPI v0.0.1 to v0.0.8 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

📖 Read

via "National Vulnerability Database".
172 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-33002

The KGExplore package in PyPI v0.1.1 to v0.1.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

📖 Read

via "National Vulnerability Database".
153 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-34066

The Texercise package in PyPI v0.0.1 to v0.0.12 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

📖 Read

via "National Vulnerability Database".
143 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-34053

The DR-Web-Engine package in PyPI v0.2.0b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

📖 Read

via "National Vulnerability Database".
143 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-34064

The Zibal package in PyPI v1.0.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

📖 Read

via "National Vulnerability Database".
139 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-33004

The Beginner package in PyPI v0.0.2 to v0.0.4 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

📖 Read

via "National Vulnerability Database".
👍1
139 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-34056

The Watertools package in PyPI v0.0.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

📖 Read

via "National Vulnerability Database".
136 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-32996

The django-navbar-client package of v0.9.50 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

📖 Read

via "National Vulnerability Database".
136 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-30885

** Reserved ** The pyesasky for python, as distributed on PyPI, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 1.2.0-1.4.2.

📖 Read

via "National Vulnerability Database".
147 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-33000

The ML-Scanner package in PyPI v0.1.0 to v0.1.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

📖 Read

via "National Vulnerability Database".
146 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-34055

The drxhello package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

📖 Read

via "National Vulnerability Database".
152 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-33122

A stored cross-site scripting (XSS) vulnerability in eyoucms v1.5.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL field under the login page.

📖 Read

via "National Vulnerability Database".
161 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-32998

The cryptoasset-data-downloader package in PyPI v1.0.0 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

📖 Read

via "National Vulnerability Database".
174 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-34059

The Sixfab-Tool in PyPI v0.0.2 to v0.0.3 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

📖 Read

via "National Vulnerability Database".
203 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-34054

The Perdido package in PyPI v0.0.1 to v0.0.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

📖 Read

via "National Vulnerability Database".
246 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-32999

The cloudlabeling package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

📖 Read

via "National Vulnerability Database".
333 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-32997

The RootInteractive package in PyPI v0.0.5 to v0.0.19b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

📖 Read

via "National Vulnerability Database".
406 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-33001

The AAmiles package in PyPI v0.1.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

📖 Read

via "National Vulnerability Database".
515 views
🛡 Cybersecurity & Privacy 🛡 - News
🕴 Threat Intelligence Services Are Universally Valued by IT Staff 🕴

Most of those surveyed are concerned about AI-based attacks and deepfakes, but suggest that their organization is ready.

📖 Read

via "Dark Reading".
Dark Reading
Threat Intelligence Services Are Universally Valued by IT Staff
Most of those surveyed are concerned about AI-based attacks and deepfakes but suggest that their organizations are ready.
🤯1
553 views
🛡 Cybersecurity & Privacy 🛡 - News
📢 'Embrace PowerShell for better security', say UK, US, NZ cyber authorities 📢

The powerful automation and IT administrative tool has been used by hackers as an attack tool, but proper configuration can take the power out of their hands

📖 Read

via "ITPro".
ITPro
'Embrace PowerShell for better security', say UK, US, NZ cyber authorities
The powerful automation and IT administrative tool has been used by hackers as an attack tool, but proper configuration can take the power out of their hands
432 views