Analyst2071d ago

Hackers exploit Marimo flaw to spread NKAbuse malware via Hugging Face

Hackers are exploiting a critical flaw in Marimo's reactive Python notebook to spread a new variant of NKAbuse malware, sneaking malicious payloads onto Hugging Face Spaces, a popular platform for sharing machine learning models. This alarming attack highlights the need for vigilance when it comes to defending against malware…

https://osintsights.com/hackers-exploit-marimo-flaw-to-spread-nkabuse-malware-via-hugging-face?utm_source=mastodon&utm_medium=social

#Marimo #NkabuseMalware #HuggingFace #MalwareOperations #EmergingThreats

Hackers exploit Marimo flaw to spread NKAbuse malware via Hugging Face

Hackers exploit Marimo flaw to spread NKAbuse malware via Hugging Face, learn how to defend against this critical vulnerability now and protect your systems from attack.

OSINTSights
The New Oil5d ago

Critical #Marimo pre-auth RCE flaw now under active exploitation

https://www.bleepingcomputer.com/news/security/critical-marimo-pre-auth-rce-flaw-now-under-active-exploitation/

#cybersecurity

Critical Marimo pre-auth RCE flaw now under active exploitation

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged for credential theft.

BleepingComputer
Analyst2075d ago

Marimo Flaw Exploited for Credential Theft in Active Attacks

A critical vulnerability in Marimo is being actively exploited by attackers to steal sensitive credentials, and it requires no prior authentication to run code remotely. This flaw has severe consequences for organizations using Marimo, making it essential to take immediate action.

https://osintsights.com/marimo-flaw-exploited-for-credential-theft-in-active-attacks?utm_source=mastodon&utm_medium=social

#Marimo #CredentialTheft #RemoteCodeExecution #Preauthentication #ActiveExploitation

Marimo Flaw Exploited for Credential Theft in Active Attacks

Marimo vulnerability exploited in active attacks for credential theft, learn how to protect your organization now from this critical pre-authentication RCE flaw.

OSINTSights
securityaffairs6d ago
CVE-2026-39987: #Marimo RCE exploited in hours after Disclosure
https://securityaffairs.com/190623/hacking/cve-2026-39987-marimo-rce-exploited-in-hours-after-disclosure.html
#securityaffairs #hacking #malware
CVE-2026-39987: Marimo RCE exploited in hours after disclosure

A critical flaw, tracked as CVE-2026-39987, in the open-source Python notebook tool Marimo was exploited within 10 hours of disclosure.

Security Affairs
Analyst207Apr 10

Marimo Flaw CVE-2026-39987 Exploited Rapidly After Disclosure

A single line of code can drastically change the risk landscape for thousands of users - and that's exactly what happened with Marimo, an open-source Python notebook, when a critical vulnerability (CVE-2026-39987) was exploited just 10 hours after its disclosure. This severe flaw, with a CVSS score of 9.3, allows pre-authenticated…

https://osintsights.com/marimo-flaw-cve-2026-39987-exploited-rapidly-after-disclosure?utm_source=mastodon&utm_medium=social

#Cve202639987 #Marimo #RemoteCodeExecution #OpensourceSoftware #DataScience

Marimo Flaw CVE-2026-39987 Exploited Rapidly After Disclosure

Learn how CVE-2026-39987 in Marimo was exploited within 10 hours of disclosure. Read the details now and stay ahead of vulnerabilities.

OSINTSights
Endor LabsApr 9

One missed auth check on a WebSocket = full shell. The #Marimo vuln (CVE-2026-39987) was exploited in ~10 hours.

Upgrade to 0.23.0+, enforce auth on every WebSocket, and keep terminals off the public internet—WebSockets don’t inherit security.
https://www.endorlabs.com/learn/root-in-one-request-marimos-critical-pre-auth-rce-cve-2026-39987

Jeremy MonatApr 8
What if hitting multiple drug targets wasn't a problem to solve, but an advantage to exploit? I'll be exploring that idea at the #marimo Community Call on April 9, 3–4PM ET — covering drug discovery with a compound-first approach.
RSVP at https://luma.com/6p89x1s2?tk=TGd9ER
#chemistry #drugDiscovery #notebook #python #RDKit #sqlite
marimo community call · Luma

Hear directly from the developers of marimo at this year's inaugural community call. We'll share our roadmap, and demo an exciting new feature that we believe…

Show threadFiveSpeed  Apr 5
@joel @jhylin #marimo has replaced #jupyter for nearly all of my notebook work, for probably a year or so now. It's a really cool project.
Jan HelebrantFeb 18
Tak koule dostaly nedávno nový "nábytek" z Kréty, zatím se zdá, že jim vyhovuje...
https://www.flickr.com/photos/96541566@N06/55103788310/
#řasokoule #Aegagropila #Cladophora #mossball #marimomossball #marimo
Simone ConradiFeb 7

Falling in love with #marimo.
Scattering of roots of perturbed quadratic equations.
Made with #python #numpy #matplotlib and @marimo_io

Notebook and code: https://static.marimo.app/static/roots-of-perturbed-quadratic-equations-4qhc