Filter and explore the collected OSINT data
Showing 1–50 of 1334 total
| Severity | Title | Category | Source | Indicators | Tags | Published |
|---|---|---|---|---|---|---|
| high | sport.ps1 | malware | malware-bazaar | 0671be8c3c90f4f7…, 9f86a462681b3431… | ps1 | 2026-04-23 |
| high | pace.ps1 | malware | malware-bazaar | 6a94e0e6917dac14…, 54a8827f55792a6e… | ps1 | 2026-04-23 |
| high | Indeed.bat | malware | malware-bazaar | 6c403ed3119dae79…, 61a5049fb91d6a8b… | bat | 2026-04-23 |
| high | ENJOY.ps1 | malware | malware-bazaar | e178ec2c637f8340…, f65cf754c315bc22… | ps1 | 2026-04-23 |
| critical | payload_delivery: undefined | threat-intel | threatfox | | ClearFake, StrelaStealer, Mirai, ClickFix, compromised, etherhiding, Polygon, Vidar, WordPress, SocGholish, Loki, storj, .NET, VDSINA, SmartLoader, Kongtuke, darkcomet, CobaltStrike, drb-ra, ProxyBox, Socks5 Systemz, ACR Stealer, Mozi, c2, r88vry, LokiBot, Android, banker, Kutxabank, NFCGate, NGate, Spain, Unicaja, ndroid, phish, 22April2026, Commandline, Windows, AS199968, DarkCloud, Internet Domain Service BS Corp., IWS NETWORKS LLC, subdomain, CastleLoader, finger-delivery, tcp79, trojan, ViriBack, RAT, ValleyRAT, RedLineStealer, Agentemis, Beacon, Cobalt Strike, cobeacon, RapidStealer, remcos, Gafgyt, ConnectBack, glassworm, Wave3, wallet-trojan, calendar-c2, infostealer stealer, opiusra, EnmityStealer, 1xxbot, ArechClient, SectopRAT, Stealc, CinaRAT, Quasar RAT, QuasarRAT, Yggdrasil, BotManager, MaskGramStealer, 21April2026, conhost-headless, finger-tcp79, fingerfix, win.fingerfix, AS15169, hak5, AS14618, AS14061, AS9123, cs-watermark-987654321, cs-watermark-100000, Fake Zoom, ScreenConnect, VBScript, Fake Microsoft Teams, Fake Adobe, SSA, ErrTraffic, Lumma, XWorm, GDrive, grpc, msi, NodeJS, TOR, NanoCore, dcrat, Steal, RemcosRAT, ExtRat, Xtreme RAT, AS24940, CHAOS, Hetzner Online GmbH, kimwolf, Discord, cs-watermark-666666, macOS, stealer, FrostStealer, etherhide, polygon-contract-stored-c2, 20April2026, Fake-Claude, Nancrat, NanoCore RAT, PureHVNC, PureRAT, AS202412, jarm-cluster, Omegatech, cluster25, sliver, clickfix-cluster, phishing, AS8075, Microsoft Corporation, Supershell, EXT, Fake Claude, ACRStealer, OffLoader, AISURU, exe, DGA, valleyrat_s2, REMPROXY, CrystalX, DeepLoad, AS205775, NEON CORE NETWORK LLC, Bot Manager, pw-ryos, DDNS, Fake Adobe Reader, Fake DocuSign, payload, Fake Google Meet, cs-watermark-305419896, cs-watermark-666666666, cs-watermark-391144938, DarkCrystal RAT, 18April2026, AS216084, itystealer, Kerem Uluboy, Access2.IT Network, AS208258, zabbix, AS64439, borz, RocketCloud.ru, honeypot, WebDav, botnet, controller, ssh, Amnesia Panel, Web Panel, NetSupport, asyncrat, garble, go, midie, sideload-asus, AS56971, AS56971 Cloud, UNAM, Amos, asar, atomic, wallet-injection, applescript, keystone-persistence, Loader, Vjw0rm, PhantomGate, SantaStealer, rmm, simplehelp, deerstealer, njrat, a10fsw, SHubStealer, Farfli, APT, kimsuky, DPRK, Lazarus, ESP, geo, GCleaner, SilentNet, 17April2026, KermitRAT, Breut, Fynloski, klovbot, Remvio, Socmer, tofsee, IClickFix, NetSupport RAT, ZigClipper, domain, Lumma Stealer, Mirax, 16April2026, infostealer, AS328543, Sun Network Company Limited, RedTigerStealer, WeedHack, Havoc, d0b0p, Lorikazz, AS932, XNNET LLC, SmartApeSG, AgingFly, UKR, odiznrio, Patchwork, cs-watermark-1234567890, quasar, dropped-by-vidar, exfil, FlagStealer, 15April2026, apt | 2026-04-23 |
| high | SIMPLY.ps1 | malware | malware-bazaar | 43d206a3928e1d64…, 7fe9f680efb86603… | ps1 | 2026-04-23 |
| high | roughly.ps1 | malware | malware-bazaar | 7d8cf5a10104f024…, cb3af8617b37c043… | ps1 | 2026-04-23 |
| high | rail.ps1 | malware | malware-bazaar | 4f7d170b16f656a4…, f5612d481fc9e8c4… | ps1 | 2026-04-23 |
| high | Lunch.ps1 | malware | malware-bazaar | 5364a6db5cfb43f0…, 249dc8a9dc96ef5f… | ps1 | 2026-04-23 |
| high | Jump.ps1 | malware | malware-bazaar | 22bdb406f852375a…, 9cff319d04fe3ad5… | ps1 | 2026-04-23 |
| high | Gold.ps1 | malware | malware-bazaar | 2b9067eeb7909d5e…, 13543fe2894ca857… | ps1 | 2026-04-23 |
| high | 102214433.dll | malware | malware-bazaar | 8057846b383074f4…, da86876a180c98bd… | exe, Generic | 2026-04-23 |
| unknown | CVE-2026-41243 — OpenLearn is open-source educational forum software. Prior to commit 844b2a40a69d0c4911580fe501923f0… | vulnerability | nvd | CVE-2026-41243 | | 2026-04-23 |
| unknown | CVE-2026-41211 — Vite+ is a unified toolchain and entry point for web development. Prior to version 0.1.17, `download… | vulnerability | nvd | CVE-2026-41211 | | 2026-04-23 |
| critical | CVE-2026-41208 — Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business.… | vulnerability | nvd | CVE-2026-41208, CVE-2026-41679 | rce | 2026-04-23 |
| unknown | CVE-2026-41206 — PySpector is a static analysis security testing (SAST) Framework engineered for modern Python develo… | vulnerability | nvd | CVE-2026-41206 | | 2026-04-23 |
| unknown | CVE-2026-41200 — STIG Manager is an API and web client for managing Security Technical Implementation Guides (STIG) a… | vulnerability | nvd | CVE-2026-41200 | | 2026-04-23 |
| unknown | CVE-2026-41197 — Noir is a Domain Specific Language for SNARK proving systems that is designed to use any ACIR compat… | vulnerability | nvd | CVE-2026-41197 | | 2026-04-23 |
| unknown | CVE-2026-41196 — Luanti (formerly Minetest) is an open source voxel game-creation platform. Starting in version 5.0.0… | vulnerability | nvd | CVE-2026-41196 | | 2026-04-23 |
| medium | CVE-2026-41182 — LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to version 0.… | vulnerability | nvd | CVE-2026-41182 | | 2026-04-23 |
| high | CVE-2026-41180 — PsiTransfer is an open source, self-hosted file sharing solution. Prior to version 2.4.3, the upload… | vulnerability | nvd | CVE-2026-41180 | | 2026-04-23 |
| medium | CVE-2026-1923 — The Social Rocket – Social Sharing Plugin plugin for WordPress is vulnerable to Stored Cross-Site Sc… | vulnerability | nvd | CVE-2026-1923 | | 2026-04-23 |
| high | Earn.ps1 | malware | malware-bazaar | 95b620de060eaaed…, 4725d3cc859e5ce0… | ps1 | 2026-04-23 |
| high | 57E2D4450641AFB778B17A9348AE707F.exe | malware | malware-bazaar | ebe53bdc9a171b42…, 57e2d4450641afb7… | exe, Loki | 2026-04-23 |
| high | vpuuaqjs.dll | malware | malware-bazaar | bc4398448cea0dce…, 53062a067d23ec46… | dll | 2026-04-23 |
| high | perfect.ps1 | malware | malware-bazaar | 4f3ac17ca2c10d51…, 202a45a94c6484ea… | ps1 | 2026-04-23 |
| high | explorer.exe | malware | malware-bazaar | 827954fcfe9efbda…, 95267bdaef5c9170… | exe | 2026-04-23 |
| medium | payload: undefined | threat-intel | threatfox | | .NET, stage3, CLR-host, stage2, ClickFix, garble, go, EnmityStealer, finger-tcp79, fingerfix, win.fingerfix, finger-delivery, Mirax | 2026-04-23 |
| medium | CVE-2026-6878 — A vulnerability was identified in ByteDance verl up to 0.7.0. Affected is the function math_equal of… | vulnerability | nvd | CVE-2026-6878 | | 2026-04-23 |
| medium | CVE-2026-6874 — A vulnerability was determined in ericc-ch copilot-api up to 0.7.0. This impacts an unknown function… | vulnerability | nvd | CVE-2026-6874 | | 2026-04-23 |