Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2025-105 (ALASKERNEL-5.10-2025-105)

The version of kernel installed on the remote host is prior to 5.10.244-240.965. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-105 advisory. In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2025-108 (ALASKERNEL-5.4-2025-108)

The version of kernel installed on the remote host is prior to 5.4.296-217.428. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2025-108 advisory. In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new fen...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2025-101 (ALASKERNEL-5.10-2025-101)

The version of kernel installed on the remote host is prior to 5.10.240-238.959. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-101 advisory. In the Linux kernel, the following vulnerability has been resolved: net: tap: NULL pointer derefence in...

MAL-2025-756 Malicious code in @alaska-its/design-tokens (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in @alaska-its/design-tokens (npm)

--- -= Per source details. Do not edit below this line.=-...

eeu.alaskaseafood.org Cross Site Scripting vulnerability OBB-3884725

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

dot.alaska.gov Cross Site Scripting vulnerability OBB-3839829

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Cockpit door lock auto-unlock is no surprise

TL;DR Through reverse engineering a cockpit door lock controller several years ago, we’ve known about the auto-unlatch issue We couldn’t publish owing to the risk to flight safety, even though some airplane type manuals already described the behaviour in a depressurisation event Now that the Alas...

walkerforalaska.com Cross Site Scripting vulnerability OBB-3338599

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Friday Squid Blogging: Squid Migration and Climate Change

New research on the changing migration of the Doryteuthis opalescens as a result of climate change. News article: Stanford researchers have solved a mystery about why a species of squid native to California has been found thriving in the Gulf of Alaska about 1,800 miles north of its expected rang...

Canadian Citizen Charged for Ransomware Attacks in Alaska

By Deeba Ahmed The accused became a suspect when the FBI contacted Canadian intelligence after observing a surge in ransomware attacks in Alaska in 2018. This is a post from HackRead.com Read the original post: Canadian Citizen Charged for Ransomware Attacks in Alaska...

entangledsealions.adfg.alaska.gov Cross Site Scripting vulnerability OBB-2173681

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

secure.wildlife.alaska.gov Cross Site Scripting vulnerability OBB-1384439

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

elevation.alaska.gov Improper Access Control vulnerability OBB-1372369

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

[SECURITY] [DLA 1625-1] tzdata new upstream version

Package : tzdata Version : 2018i-0+deb8u1 This update includes the changes in tzdata 2018i. Notable changes are: - Qyzylorda, Kazakhstan moved from +06 to +05 on 2018-12-21. A new zone Asia/Qostanay has been added, because Qostanay, Kazakhstan didnt move. - Metlakatla, Alaska observes PST this...

me.uaa.alaska.edu XSS vulnerability

Open Bug Bounty ID: OBB-672732 Description| Value ---|--- Affected Website:| me.uaa.alaska.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

‘China’s MIT’ Linked to Espionage Campaign Against Alaska, Economic Partners

An extensive cyberespionage campaign was disclosed today, targeting high-value international and U.S. government agencies and companies and emanating from an IP address associated with Tsinghua University, colloquially known as “China’s MIT.” The actors have gone after a range of targets, includi...

Massive ransomware attack forces authorities to use typewriters

By Waqas The ransomware attack also forced employees to use hand receipts. Two municipalities in Alaska one town and one borough to be precise have become victims of sophisticated encryption-based malware ransomware attack. Reportedly, the Matanuska-Susitna Mat Su and the City of Valdez have both...

dggs.alaska.gov XSS vulnerability

Open Bug Bounty ID: OBB-656091 Description| Value ---|--- Affected Website:| dggs.alaska.gov Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

World Cup, Vacation Scams Lead in Phishing Trips this Summer

Summer is one of the traditional seasons of scamming, and this summer is shaping up to be a hot one on that front, with active campaigns swirling around supposed “security incidents,” vacation bookings and, of course, the World Cup. Scammers, for instance, recently targeted Booking.com customers...