Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : The Internet Archive Python Library vulnerability (USN-7989-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7989-1 advisory. Pengo Wray discovered that The Internet Archive Python Library incorrectly handled certain file paths when downloading files. An...

USN-7989-1 python-internetarchive vulnerability

Pengo Wray discovered that The Internet Archive Python Library incorrectly handled certain file paths when downloading files. An attacker could possibly use this issue to write files to arbitrary locations on the file system...

USN-7989-1: The Internet Archive Python Library vulnerability

Pengo Wray discovered that The Internet Archive Python Library incorrectly handled certain file paths when downloading files. An attacker could possibly use this issue to write files to arbitrary locations on the file system...

DSA-6035-1 python-internetarchive - security update

Bulletin has no description...

Directory Traversal

Internetarchive is vulnerable to Directory traversal. The vulnerability is due to improper sanitization and validation of user-supplied filenames due to File.download accepting unnormalized filenames; an attacker can provide names e.g. ../../../../windows/system32/file.txt to write outside the...

Directory Traversal

Overview internetarchive is an A Python interface to archive.org. Affected versions of this package are vulnerable to Directory Traversal via the download function in the file.py file, which does not properly sanitize user-supplied filenames or validate the final download path. An attacker can...

Internet Archive (Archive.org) Goes Down Following “Power Outage” (Updated)

The Internet Archive Archive.org, home to the Wayback Machine, is temporarily offline due to a reported power outage.…...

Internet Archive (Archive.org) Hacked for Second Time in a Month

The Internet Archive Archive.org suffered a second security breach in October 2024, exposing support tickets through unrotated Zendesk…...

Internet Archive attackers email support users: “Your data is now in the hands of some random guy”

Those who hacked the Internet Archive haven't gone away. Users of the Internet Archive who have submitted helpdesk tickets are reporting replies to the tickets from the hackers themselves. Internet Archive, most known for its Wayback Machine, is a digital library that allows users to look at...

Internet Archive (Archive.Org) Hacked: 31 Million Accounts Compromised

Internet Archive suffered a massive cyberattack, leading to a data breach where 31 million user records were stolen…...

Internet Archive suffers data breach and DDoS

A non-profit that benefits millions of people has fallen victim to a data breach and a DDoS attack. Internet Archive, most known for its Wayback Machine, is a digital library that allows users to look at website snapshots from the past. It is often used for academic research and data analysis...

Internet Archive Breach Exposes 31 Million Users

The hack exposed the data of 31 million users as the embattled Wayback Machine maker scrambles to stay online and contain the fallout of digital—and legal—attacks...

Happy 20th Birthday TaoSecurity Blog

Happy 20th birthday TaoSecurity Blog, born on 8 January 2003. Thank you Blogger Blogger now part of Google has continuously hosted this blog for 20 years, for free. I'd like to thank Blogger and Google for providing this platform for two decades. It's tough to find extant self-hosted security...

FTC Sues Data Broker Over Selling Location Data for Hundreds of Millions of Phones

The U.S. Federal Trade Commission FTC on Monday said it filed a lawsuit against Kochava, a location data broker, for collecting and selling precise geolocation data gathered from consumers' mobile devices. The complaint alleges that the U.S. company amasses a "wealth of information" about users b...

Use of deprecated Chainlink latestAnswer()

Handle sirhashalot Vulnerability details Impact Chainlink's documentation listed the latestAnswer function as deprecated. This function doesn't revert if no answer is available but returns 0, and the return value of latestanswer is not checked in the Notional code. In fact, Chainlink removed thei...

I Am Parting With My Crypto Library

The time has come for me to find a new home for my paper cryptography library. Its about 150 linear feet of books, conference proceedings, journals, and monographs -- mostly from the 1980s, 1990s, and 2000s. My preference is that it goes to an educational institution, but will consider a corporat...

The Wayback Machine and Cloudflare Want to Backstop the Web

The Internet Archive and the infrastructure company are teaming up to make sure sites never fully go down...

JSONBee - A Ready To Use JSONP Endpoints/Payloads To Help Bypass Content Security Policy Of Different Websites

A ready to use JSONP endpoints to help bypass content security policy of different websites. The tool was presented during HackIT 2018 in Kiev. The presentation can be found here not sure why format of the slides is screwed :D:...

Free Movie Download and Streaming Sites — Watch HD Movies Online

When you search for "free movie download" or "watch free movies online," search engines present a long list of websites. However, be cautious. Many free movie sites can lead to harmful computer viruses that could infect or, in the worst case, take control of your computer. Additionally, many...

Free Movie Download and Streaming Sites — Watch HD Movies Online

When you search for "free movie download" or "watch free movies online," search engines present a long list of websites. However, be cautious. Many free movie sites can lead to harmful computer viruses that could infect or, in the worst case, take control of your computer. Additionally, many...