CVE-2024-4642

CVE-2024-4642 is described in connected advisories as a Server-Side Request Forgery (SSRF) in the wandb/wandb repository, caused by improper handling of HTTP redirects (HTTP 302). The issue could allow team members with access to the Webhooks settings to reach internal HTTP(S) endpoints, with pot...

AndroxGh0st Malware Targets Laravel Apps to Steal Cloud Credentials

Cybersecurity researchers have shed light on a tool referred to as AndroxGh0st that's used to target Laravel applications and steal sensitive data. "It works by scanning and taking out important information from .env files, revealing login details linked to AWS and Twilio," Juniper Threat Labs...

Amazon Web Services Inspector Application Security Scanner

Amazon answered many security and compliance prayers yesterday with the release of its Inspector tool. Inspector scans applications launched in Amazon Web Services instances, looking for issues on two fronts: compliance with certain regulations such as the Payment Card Industry Data Security...