Security Affairs
Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Expert launched Malvuln, a project to report flaws in malware

The researcher John Page launched malvuln.com, the first website exclusively dedicated to the research of security flaws in malware codes. The security expert John Page (aka hyp3rlinx) launched malvuln.com, the first platform exclusively dedicated to the research of security flaws in malware codes. The news was first announced by SecurityWeek, the researcher explained that Malvuln is […]

Malvuln

The researcher John Page launched malvuln.com, the first website exclusively dedicated to the research of security flaws in malware codes.

The security expert John Page (aka hyp3rlinx) launched malvuln.com, the first platform exclusively dedicated to the research of security flaws in malware codes.

The news was first announced by SecurityWeek, the researcher explained that Malvuln is the first website dedicated to research and analysis of vulnerabilities in malware samples.

“malvuln.com is the first website exclusively dedicated to the research of security vulnerabilities within Malware itself.” wrote the expert. “There are many websites already offering information about Malware like Hashes, IOC, Reversing etc. However, none dedicated to research and analysis of vulnerabilities within Malware samples… until now. Long Live MALVULN.”

Sharing the knowledge of vulnerabilities affecting malware could allow incident response teams to neutralize the threat in case of infections, but could also help vxers to address them end improve their malware. For this reason, it is likely that Page will regulate the vulnerability disclosure process in the future.

This is a great initiative, we have to support it, everyone can get in contact with the expert via Twitter (@malvuln) or Email (malvuln13[at]gmail.com).

Currently, Page is the unique contributor of the Malvuln service, but he could start accepting third-party contributions in the future.

Clearly, the initiative is born for educational and research purposes only.

At the time of writing the site already includes 26 entries related to remotely exploitable buffer overflow flaws and privilege escalation issues. Most of the buffer overflow vulnerabilities could be exploited for remote code execution.

For each flaw reported through the website, the record includes multiple information such as the name of the malware, the MD5 hash, the type of vulnerability, a description of the vulnerability, dropped files, a memory dump, and proof-of-concept (PoC) exploit code.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Golang-based worm)

[adrotate banner=”5″]

[adrotate banner=”13″]