Skip to main content

Main navigation

Home
About Us
News and Updates
Advisories
Report an Incident
Publications

Search

Four Malicious npm Packages Delivering Infostealers and Phantom Bot DDoS Malware

Advisories 19 May 2026

MiniPlasma – Windows Cloud Files Mini Filter Driver Zero-Day Bypasses 2020 Patch, Grants SYSTEM Access

Advisories 19 May 2026

DirtyDecrypt (DirtyCBC) – Linux Kernel rxgk Missing COW Guard Grants Root Access (CVE-2026-31635)

Advisories 19 May 2026

YellowKey – BitLocker Bypass via Windows Recovery Environment (WinRE) Zero-Day

Advisories 14 May 2026

Fragnesia – Linux Kernel Local Privilege Escalation via XFRM ESP-in-TCP (CVE-2026-46300)

Advisories 14 May 2026

Advisories 29 March 2018 / 0 Comments

Advisory on Drupal core - Remote Code Execution

This advisory focuses on the Remote Code Execution vulnerability.

RELATED ADVISORIES

Advisories 19 May 2026

Four Malicious npm Packages Delivering Infostealers and Phantom Bot DDoS Malware

Scope: npm Ecosystem (chalk-tempalte, @deadcode09284814/axios-util, axois-utils, color-style-utils)

Severity: Red

MiniPlasma – Windows Cloud Files Mini Filter Driver Zero-Day Bypasses 2020 Patch, Grants SYSTEM Access

Advisories 19 May 2026

DirtyDecrypt (DirtyCBC) – Linux Kernel rxgk Missing COW Guard Grants Root Access (CVE-2026-31635)

Advisories 19 May 2026

Exim "Dead.Letter" – Unauthenticated RCE via BDAT Use-After-Free in GnuTLS Builds (CVE-2026-45185)

Advisories 14 May 2026

NGINX Rift – 18-Year-Old Heap Buffer Overflow in Rewrite Module Enables Unauthenticated RCE (CVE-2026-42945)

Advisories 14 May 2026

Fragnesia – Linux Kernel Local Privilege Escalation via XFRM ESP-in-TCP (CVE-2026-46300)

Advisories 14 May 2026

YellowKey – BitLocker Bypass via Windows Recovery Environment (WinRE) Zero-Day

Advisories 14 May 2026

Recent Advisories

01

Four Malicious npm Packages Delivering Infostealers and Phantom Bot DDoS Malware
02

MiniPlasma – Windows Cloud Files Mini Filter Driver Zero-Day Bypasses 2020 Patch, Grants SYSTEM Access
03

DirtyDecrypt (DirtyCBC) – Linux Kernel rxgk Missing COW Guard Grants Root Access (CVE-2026-31635)
04

Exim "Dead.Letter" – Unauthenticated RCE via BDAT Use-After-Free in GnuTLS Builds (CVE-2026-45185)
05

NGINX Rift – 18-Year-Old Heap Buffer Overflow in Rewrite Module Enables Unauthenticated RCE (CVE-2026-42945)
06

Fragnesia – Linux Kernel Local Privilege Escalation via XFRM ESP-in-TCP (CVE-2026-46300)

Categories

Advisories
Cyber Updates

Contact info

National Information Technology Authority - Uganda,Palm Courts, Plot 7A, Rotary Avenue (Former Lugogo Bypass)

P.O. Box 33151, Kampala - Uganda
+256-417 801038
Map Location
[email protected]

Useful Links

Home
About Us
News and Updates
Advasories
Report Incident
Publications

Subscribe to our Mailing List

Stay up to date with our Newsletter (The Computer Emergency Response Team/Coordination Center (CERT.UG/CC))

Email

The subscriber's email address.

© 2022 . All Rights Reserved | Powered by NITA Uganda.