89 matches found
Warning: AI-generated YouTube Video Tutorials Spreading Infostealer Malware
Threat actors have been increasingly observed using AI-generated YouTube Videos to spread a variety of stealer malware such as Raccoon, RedLine, and Vidar. "The videos lure users by pretending to be tutorials on how to download cracked versions of software such as Photoshop, Premiere Pro, Autodes...
Campaign URL Builder < 1.8.2 - Contributor+ Stored XSS
The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. The shortcode need to be active can be done...
Package discontinued because Bitly lowered the free quota
On November 17, 2022, an email was received from Bitly advising that the new link quota per free token is lowered to 50 per month from its previous value of 1000 per month. As per the email, this change is effective on December 8, 2022. The new quota is so low as to not be useful. For this reason...
GHSA-GGRH-GRJ3-VFVW Package discontinued because Bitly lowered the free quota
On November 17, 2022, an email was received from Bitly advising that the new link quota per free token is lowered to 50 per month from its previous value of 1000 per month. As per the email, this change is effective on December 8, 2022. The new quota is so low as to not be useful. For this reason...
Cross-site Request Forgery (CSRF)
CSRF in Bitly oauth2proxy 2.1 during authentication flow...
GHSA-RRM8-32G4-W8M3 Cross-site Request Forgery (CSRF)
CSRF in Bitly oauth2proxy 2.1 during authentication flow...
GHSA-JM34-XM8M-W958 Open Redirect in oauth2_proxy
The Bitly oauth2proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819...
Open Redirect in oauth2_proxy
The Bitly oauth2proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819...
Self-XSS - Self-XSS Attack Using Bit.Ly To Grab Cookies Tricking Users Into Running Malicious Code
Self-XSS attack using bit.ly to grab cookies, tricking users into running malicious code. How it works? Self-XSS is a social engineering attack used to gain control of victims' web accounts by tricking users into copying and pasting malicious content into their browsers. Since Web browser vendors a...
Upgraded Aggah malspam campaign delivers multiple RATs
By Asheer Malhotra. Cisco Talos has observed an upgraded version of a malspam campaign known to distribute multiple remote access trojans (RATs). The infection chain utilized in the attacks is highly modularized. The attackers utilize publicly available infrastructure such as Bitly and Pastebin spread...
Katana - A Python Tool For Google Hacking
Katana-ds (ds for dorkscanner) is a simple Python tool that automates Google Hacking/Dorking and supports Tor. It becomes more powerful in combination with GHDB. Installation: Use the package manager pip to install requirements: cd Katana python3 pip install -r requirments python3 katana-ds.py Tested...
Millions of Accounts From Previous Bitly and Kickstarter Breaches Exposed
By Waqas. It's another day with yet another story of a data This is a post from HackRead.com. Read the original post: Millions of Accounts From Previous Bitly and Kickstarter Breaches Exposed...
Bitly oauth2_proxy Cross-Site Request Forgery Vulnerability
Bitly oauth2proxy is a reverse proxy server that provides authentication with Google, GitHub and other providers. A cross-site request forgery vulnerability exists in Bitly oauth2proxy version 2.1. A remote attacker can exploit this vulnerability to perform unauthorized operations...
Bitly oauth2_proxy open redirect vulnerability
Bitly oauth2proxy is a reverse proxy server that provides authentication with Google, GitHub and other providers. An open redirection vulnerability exists in Bitly oauth2proxy 2.1 and earlier versions. A remote attacker can exploit this vulnerability to redirect users to arbitrary websites...
CVE-2017-1000069
CSRF in Bitly oauth2proxy 2.1 during authentication flow...
CVE-2017-1000070
The Bitly oauth2proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819...
Cross site request forgery (csrf)
CSRF in Bitly oauth2proxy 2.1 during authentication flow...
Open redirect
The Bitly oauth2proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819...