Filter and explore the collected OSINT data
Showing 1–50 of 1383 total
| Severity | Title | Category | Source | Indicators | Tags | Published |
|---|---|---|---|---|---|---|
| critical | payload_delivery: undefined | threat-intel | threatfox | | ClearFake, 22April2026, Commandline, Windows, DarkCloud, ViriBack, CobaltStrike, drb-ra, RAT, ValleyRAT, RedLineStealer, Agentemis, Beacon, Cobalt Strike, cobeacon, Kongtuke, c2, RapidStealer, StrelaStealer, ClickFix, compromised, etherhiding, Polygon, Vidar, WordPress, remcos, Gafgyt, ConnectBack, glassworm, Wave3, wallet-trojan, calendar-c2, infostealer stealer, opiusra, EnmityStealer, 1xxbot, ArechClient, SectopRAT, Stealc, CinaRAT, Quasar RAT, QuasarRAT, Yggdrasil, BotManager, Mirai, MaskGramStealer, 21April2026, conhost-headless, finger-tcp79, fingerfix, win.fingerfix, finger-delivery, AS15169, hak5, AS14618, AS14061, AS9123, SocGholish, cs-watermark-987654321, cs-watermark-100000, Fake Zoom, ScreenConnect, VBScript, Fake Microsoft Teams, Fake Adobe, SSA, ErrTraffic, Lumma, r88vry, XWorm, GDrive, grpc, msi, NodeJS, TOR, darkcomet, NanoCore, dcrat, Steal, RemcosRAT, ExtRat, Xtreme RAT, AS24940, CHAOS, Hetzner Online GmbH, kimwolf, Discord, cs-watermark-666666, macOS, stealer, FrostStealer, etherhide, polygon-contract-stored-c2, 20April2026, Fake-Claude, Nancrat, NanoCore RAT, PureHVNC, PureRAT, AS202412, jarm-cluster, Omegatech, cluster25, sliver, clickfix-cluster, phishing, AS8075, Microsoft Corporation, Supershell, Mozi, EXT, Fake Claude, ACRStealer, OffLoader, AISURU, exe, DGA, valleyrat_s2, REMPROXY, CrystalX, DeepLoad, AS205775, NEON CORE NETWORK LLC, Bot Manager, pw-ryos, DDNS, Fake Adobe Reader, Fake DocuSign, payload, Fake Google Meet, cs-watermark-305419896, cs-watermark-666666666, cs-watermark-391144938, DarkCrystal RAT, 18April2026, AS216084, itystealer, Kerem Uluboy, Access2.IT Network, AS208258, zabbix, AS64439, borz, RocketCloud.ru, honeypot, WebDav, botnet, controller, ssh, Amnesia Panel, Web Panel, NetSupport, asyncrat, garble, go, midie, sideload-asus, AS56971, AS56971 Cloud, UNAM, Amos, asar, atomic, wallet-injection, applescript, keystone-persistence, Loader, Vjw0rm, PhantomGate, SantaStealer, rmm, simplehelp, deerstealer, njrat, a10fsw, SHubStealer, Farfli, APT, kimsuky, DPRK, Lazarus, ESP, geo, GCleaner, SilentNet, 17April2026, KermitRAT, Breut, Fynloski, klovbot, Remvio, Socmer, tofsee, IClickFix, NetSupport RAT, ZigClipper, domain, Lumma Stealer, Mirax, 16April2026, infostealer, AS328543, Sun Network Company Limited, RedTigerStealer, WeedHack, Havoc, d0b0p, Loki, Lorikazz, AS932, XNNET LLC, SmartApeSG, AgingFly, UKR, odiznrio, Patchwork, cs-watermark-1234567890, quasar, dropped-by-vidar, exfil, FlagStealer, SmartLoader, 15April2026, Metateam1337x-afk, apt | 2026-04-22 |
| high | 967486f372064f8edc8695c91660fe436dadb2cd848a251268c8002fccd4f45c | malware | malware-bazaar | 967486f372064f8e…, 177cb7e200e19e8a… | 83-142-209-204, exe | 2026-04-22 |
| high | 3e65e72b82055d6897cde37c80e4bf9fa04a14a88a8a59233fe6688486a1a31d.ps1 | malware | malware-bazaar | 3e65e72b82055d68…, 51d9788d36bd5197… | 83-142-209-204, ps1 | 2026-04-22 |
| high | 286640beb0eae8359a4c78ac95b293392943088c60823f7fc269a4488316d885.ps1 | malware | malware-bazaar | 286640beb0eae835…, 83c0c504b4d2ca6d… | 83-142-209-204, ps1, botnet | 2026-04-22 |
| high | 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747.zip | malware | malware-bazaar | 1feea0fb9e74f08c…, d22d0f4b9e9f1c86… | 83-142-209-204, stego, zip, botnet | 2026-04-22 |
| high | update.ps1 | malware | malware-bazaar | b95f31100a5e8a33…, 4ea1d81fa5a11e17… | 107-173-143-107, ps1 | 2026-04-22 |
| unknown | DPRK Fake Job Scams Self-Propagate in 'Contagious Interview' | news | general-news | | | 2026-04-22 |
| high | archive0331.zip | malware | malware-bazaar | 44671d56654521eb…, 1d23a84bbde85808… | lauderdale-dollar-mar-forgot-trycloudflare-com, zip | 2026-04-22 |
| high | Order List.js | malware | malware-bazaar | 8c4758e6736950e0…, 3adeb1a915fa0151… | 107-173-143-107, js | 2026-04-22 |
| high | 69f215a8744582fdd7f1643be8fd8587cd6edb18834de.exe | malware | malware-bazaar | 69f215a8744582fd…, 73d0fe59ff15619d… | exe, RAT, ValleyRAT | 2026-04-22 |
| high | 1aa21baefecada61d25cf01cd1eb681b.exe | malware | malware-bazaar | f64ccc637b29a400…, 1aa21baefecada61… | exe, RedLineStealer, infostealer | 2026-04-22 |
| high | 最新版收菜软件【内部版】.exe | malware | malware-bazaar | 26d67030c87fe261…, 9c256ee0d49b6d3d… | exe, XRed, XRedRAT | 2026-04-22 |
| high | 商家版.exe | malware | malware-bazaar | 16f75af75110e7a9…, cb2d702aeb37410e… | exe, XRed, XRedRAT | 2026-04-22 |
| unknown | After Bluesky, Mastodon Targeted in DDoS Attack | news | general-news | | | 2026-04-22 |
| high | inst.880233900b.exe | malware | malware-bazaar | 6326aadda1ea3106…, f5836b923aa05cfc… | exe, SilverFox, Trojan/SilverFox.bm[lddel], ValleyRAT | 2026-04-22 |
| high | Chormex33.exe | malware | malware-bazaar | 2cae0bd8e9fc6d05…, 35956895c3e0e955… | exe, SilverFox, ValleyRAT | 2026-04-22 |
| high | ps.ps1 | malware | malware-bazaar | 5c11f39ef919cbe0…, cc60ac8abcd3a80e… | booking, lkgkdsjd-com, ps1, pulse-srvc-com | 2026-04-22 |
| high | 21c07c68a32d37b4dfcdcf4d321e26105f7f41a079d7a6e9c66867737409a935.html | malware | malware-bazaar | 21c07c68a32d37b4…, 338bbb92eac94516… | booking, html, lkgkdsjd-com, pulse-srvc-com | 2026-04-22 |
| medium | CVE-2026-6862 — A flaw was found in libefiboot, a component of efivar. The device path node parser in libefiboot fai… | vulnerability | nvd | CVE-2026-6862 | | 2026-04-22 |
| medium | CVE-2026-6861 — A flaw was found in GNU Emacs. This vulnerability, a memory corruption issue, occurs when Emacs proc… | vulnerability | nvd | CVE-2026-6861 | | 2026-04-22 |
| high | CVE-2026-6859 — A flaw was found in InstructLab. The `linux_train.py` script hardcodes `trust_remote_code=True` when… | vulnerability | nvd | CVE-2026-6859 | | 2026-04-22 |
| unknown | CVE-2026-6356 — A vulnerability in the web application allows standard users to escalate their privileges to those o… | vulnerability | nvd | CVE-2026-6356 | | 2026-04-22 |
| unknown | CVE-2026-6355 — A vulnerability in the web application allows unauthorized users to access and manipulate sensitive… | vulnerability | nvd | CVE-2026-6355 | | 2026-04-22 |
| unknown | CVE-2026-5750 — An insecure direct object reference (IDOR) vulnerability in the Fullstep V5 registration process all… | vulnerability | nvd | CVE-2026-5750 | | 2026-04-22 |
| unknown | CVE-2026-5749 — Inadequate access control in the registration process in Fullstep V5, which could allow unauthentica… | vulnerability | nvd | CVE-2026-5749 | | 2026-04-22 |
| high | CVE-2026-41651 — PackageKit is a D-Bus abstraction layer that allows the user to manage packages in a secure way us… | vulnerability | nvd | CVE-2026-41651 | | 2026-04-22 |
| medium | CVE-2026-33611 — An operator allowed to use the REST API can cause the Authoritative server to produce invalid HTTPS… | vulnerability | nvd | CVE-2026-33611 | | 2026-04-22 |
| medium | CVE-2026-33610 — A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when… | vulnerability | nvd | CVE-2026-33610 | | 2026-04-22 |
| medium | CVE-2026-33609 — Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queri… | vulnerability | nvd | CVE-2026-33609 | | 2026-04-22 |
| high | CVE-2026-33608 — An attacker can send a notify request that causes a new secondary domain to be added to the bind bac… | vulnerability | nvd | CVE-2026-33608 | | 2026-04-22 |