
1841 matches found

CNNVD
added 2026/04/23 12:0 a.m. | 5 views

OpenTelemetry .NET security vulnerability

OpenTelemetry .NET is the .NET client of OpenTelemetry by OpenTelemetry Inc. There were security vulnerabilities in the version of OpenTelemetry .NET from 1.13.1 to 1.15.2. These vulnerabilities stemmed from the gRPC exporter’s ability to parse the grpc-status-details-bin trailer provided by the...

5.3 CVSS | 5.8 AI score | 0.00019 EPSS
Exploits: 0 | References: 1
Positive Technologies
added 2026/04/23 12:0 a.m. | 3 views

PT-2026-34707

Name of the Vulnerable Software and Affected Versions OpenTelemetry dotnet versions 1.13.1 through 1.15.1 Description When exporting telemetry to a back-end or collector over gRPC or HTTP using the OpenTelemetry Protocol OTLP format, unsuccessful requests HTTP 4xx or 5xx result in the response...

5.9 CVSS | 5.2 AI score | 0.0005 EPSS
Exploits: 0 | References: 11
CNNVD
added 2026/04/23 12:0 a.m. | 5 views

OpenTelemetry .NET Contrib security vulnerability

OpenTelemetry .NET Contrib is an open-source telemetry data collection and processing library developed by OpenTelemetry - CNCF. Previous versions of OpenTelemetry .NET Contrib, such as 0.1.0-alpha.8, contained security vulnerabilities. These vulnerabilities stemmed from reading HTTP response...

5.9 CVSS | 5.8 AI score | 0.00018 EPSS
Exploits: 0 | References: 1
Talos Blog
added 2026/04/21 10:0 a.m. | 2 views

Bad Apples: Weaponizing native macOS primitives for movement and execution

As macOS adoption grows among developers and DevOps, it has become a high value target; however, native "living-off-the-land" LOTL techniques for the platform remain significantly under-documented compared to Windows. Adversaries can bypass security controls by repurposing native features like...

6.9 AI score
Exploits: 0
RedHat Linux
added 2026/04/20 1:28 a.m. | 1 views

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Telemetry component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Telemetry component...

9.6 CVSS | 7.2 AI score | 0.0003 EPSS
Exploits: 0 | References: 6
Snyk
added 2026/04/17 10:21 p.m. | 3 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via the findTempDir and copyAgent processes. An attacker can overwrite arbitrary files on the host system by controlling the TMPDIR environment variable in a Java process and leveraging symlink manipulation. This is only...

8.4 CVSS | 6 AI score | 0.00021 EPSS
Exploits: 1 | References: 3
OSV
added 2026/04/17 10:21 p.m. | 2 views

GHSA-8GMG-3W2Q-65F4 OpenTelemetry eBPF Instrumentation: Privileged Java agent injection allows arbitrary host file overwrite via untrusted TMPDIR

Summary A flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and OBI is running with elevated privileges. The injector trusted TMPDIR from the target process and used unsafe file creation...

8.4 CVSS | 5.9 AI score | 0.00021 EPSS
Exploits: 1 | References: 4
Rapid7 Blog
added 2026/04/17 8:35 p.m. | 10 views

Metasploit Wrap-Up 04/17/2026

Happy Friday - Seven New Metasploit Modules We’re happy to announce that Metasploit Framework had a big week, landing seven new modules alongside various bug fixes and enhancements. This week’s highlights include RCE modules targeting AVideo, openDCIM, Selenium Grid/Selenoid, and ChurchCRM. On th...

9.8 CVSS | 6.5 AI score | 0.31367 EPSS
Exploits: 6
OSV
added 2026/04/17 1:4 p.m. | 3 views

OESA-2026-1993 thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing. CVE-2025-59375 Spoofing issue in Thunderbird. This vulnerability was fixed ...

10 CVSS | 6.8 AI score | 0.00113 EPSS
Exploits: 1 | References: 41
CNNVD
added 2026/04/17 12:0 a.m. | 7 views

Anviz CX7 security vulnerability

The Anviz CX7 is an intelligent terminal device from the American company Anviz, featuring integrated biometrics and access control functions. The Anviz CX7 has a security vulnerability; this vulnerability stems from the application embedding reusable certificate or key materials, which may lead ...

7.7 CVSS | 5.8 AI score | 0.00009 EPSS
Exploits: 0 | References: 1
Fedora
added 2026/04/16 11:42 p.m. | 3 views

[SECURITY] Fedora 44 Update: kf6-kuserfeedback-6.25.0-1.fc44

Framework for collecting user feedback for apps via telemetry and surveys...

5.8 AI score
Exploits: 0
Github Security Blog
added 2026/04/16 10:50 p.m. | 3 views

Meridian: Multiple defense-in-depth gaps (collection/depth caps, telemetry, retry, fan-out)

Summary Meridian v2.1.0 Meridian.Mapping and Meridian.Mediator shipped with nine defense-in-depth gaps reachable through its public APIs. Two are HIGH severity — the advertised DefaultMaxCollectionItems and DefaultMaxDepth safety caps are silently bypassed on the IMapper.Mapsource, destination...

7.5 CVSS | 5.9 AI score | 0.00027 EPSS
Exploits: 1 | References: 4 | Affected Software: 2
RedHat Linux
added 2026/04/16 10:20 a.m. | 3 views

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Telemetry component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Telemetry component...

9.6 CVSS | 5.8 AI score | 0.0003 EPSS
Exploits: 0 | References: 6
OSSF Malicious Packages
added 2026/04/16 2:50 a.m. | 5 views

Malicious code in nj-logger (npm)

nj-logger is a malicious npm package that when imported in file dist/logger/telemetry.js downloads a trojan for Windows only, W64.AIDetectMalware / Trojan.Malware.300983.susgen from http://178.128.88.40:8080/download/svc to path nodemodules/.cache/nj-logger/nj-transport-win32-x64.node and execute...

5.7 AI score
Exploits: 0
OSV
added 2026/04/16 2:50 a.m. | 5 views

MAL-2026-2907 Malicious code in nj-logger (npm)

nj-logger is a malicious npm package that when imported in file dist/logger/telemetry.js downloads a trojan for Windows only, W64.AIDetectMalware / Trojan.Malware.300983.susgen from http://178.128.88.40:8080/download/svc to path nodemodules/.cache/nj-logger/nj-transport-win32-x64.node and execute...

5.7 AI score
Exploits: 0
OSSF Malicious Packages
added 2026/04/15 8:2 p.m. | 4 views

Malicious code in ccxt-telemetry (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c3e38f4b70af5228dbb3bc058a3a413daa01d50884e42e8e70b68454163118ba During installation, code exfiltrates environment variables and sensitive keys from .env files --- Category: MALICIOUS - The campaign has clearly malicious...

5.9 AI score
Exploits: 0 | References: 1
OSV
added 2026/04/15 8:2 p.m. | 1 views

MAL-2026-2697 Malicious code in ccxt-telemetry (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c3e38f4b70af5228dbb3bc058a3a413daa01d50884e42e8e70b68454163118ba During installation, code exfiltrates environment variables and sensitive keys from .env files --- Category: MALICIOUS - The campaign has clearly malicious...

5.9 AI score
Exploits: 0 | References: 1
Microsoft Secure
added 2026/04/15 4:0 p.m. | 5 views

Incident response for AI: Same fire, different fuel

In this article 1. The fundamentals still hold 2. Where AI changes the equation 3. Closing the gaps in telemetry, tooling, and response 4. The human dimension 5. Looking ahead When a traditional security incident hits, responders replay what happened. They trace a known code path, find the defect...

5.6 AI score
Exploits: 0
Microsoft Secure
added 2026/04/15 4:0 p.m. | 3 views

Incident response for AI: Same fire, different fuel

In this article 1. The fundamentals still hold 2. Where AI changes the equation 3. Closing the gaps in telemetry, tooling, and response 4. The human dimension 5. Looking ahead When a traditional security incident hits, responders replay what happened. They trace a known code path, find the defect...

5.7 AI score
Exploits: 0
RedHat Linux
added 2026/04/15 2:7 p.m. | 1 views

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Telemetry component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Telemetry component...

9.6 CVSS | 5.8 AI score | 0.0003 EPSS
Exploits: 0 | References: 6