CVE-2026-3640 | STRABL <= 4.5 - Unauthenticated Arbitrary Webhook Creation via REST API Endpoint | medium | wordpress-vulnerability | 3 | 3 |
CVE-2026-6798 | 2Download Connector for 2DL Hosted Checkout <= 0.1.5 - Missing Authorization to Unauthenticated Sensitive Customer Subscription Data Exposure via 'ToDownload_email' Parameter | medium | wordpress-vulnerability | 3 | 3 |
CVE-2026-7515 | BetterDocs Pro <= 3.8.0 - Unauthenticated Local File Inclusion via doc_style | critical | wordpress-vulnerability | 3 | 3 |
CVE-2026-8118 | Royal Addons for Elementor – Addons and Templates Kit for Elementor 1.7.1058 - 1.7.1059 - Authenticated (Contributor+) Arbitrary File Read via Data Table Widget CSV File Source | medium | wordpress-vulnerability | 3 | 3 |
CVE-2026-8713 | Avada (Fusion) Builder <= 3.15.3 - Unauthenticated Arbitrary File Deletion via Form Entry Value | critical | wordpress-vulnerability | 3 | 3 |
CVE-2026-1856 | Appointment Booking Calendar <= 1.4.4 - Authenticated (Author+) Stored Cross-Site Scripting via Custom Booking Field Label | medium | wordpress-vulnerability | 3 | 3 |
CVE-2026-7547 | Woosa <= 2.0.5 - Authenticated (Administrator+) Arbitrary File Read via 'log_file' Parameter | medium | wordpress-vulnerability | 3 | 3 |
CVE-2026-10034 | WP DSGVO Tools (GDPR) <= 3.1.39 - Missing Authorization to Unauthenticated Sensitive Personal Data Disclosure via subject-access-request AJAX Endpoint (process_now/is_ajax Parameters) | medium | wordpress-vulnerability | 3 | 3 |
CVE-2026-9013 | Bogo <= 3.9.1 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure via REST API | medium | wordpress-vulnerability | 3 | 3 |
CVE-2026-11989 | Bit integrations <= 2.8.7 - Unauthenticated Server-Side Request Forgery via Form Field Upload Mapping | medium | wordpress-vulnerability | 3 | 3 |
CVE-2026-4328 | Advanced Import: One-Click Demo Import for WordPress <= 1.4.6 - Authenticated (Author+) Server-Side Request Forgery via 'demo_file' Parameter | medium | wordpress-vulnerability | 3 | 3 |
CVE-2026-12430 | Blocksy Companion <= 2.1.45 - Authenticated (Editor+) Stored Cross-Site Scripting via 'product_description' Parameter | medium | wordpress-vulnerability | 3 | 3 |
CVE-2026-12157 | BetterDocs <= 4.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'blockId' Block Attribute | medium | wordpress-vulnerability | 3 | 3 |
CVE-2026-10779 | Classified Listing <= 5.4.2 - Missing Authorization to Authenticated (Subscriber+) Feature Modification via Multiple AJAX Handlers ('listingId'/'id' Parameters) | medium | wordpress-vulnerability | 3 | 3 |
CVE-2026-11775 | User Admin Simplifier <= 3.0.0 - Cross-Site Request Forgery | medium | wordpress-vulnerability | 3 | 3 |