GHSA-GPFC-MPH4-QM24 Velociraptor vulnerable to privilege escalation via UpdateConfig artifact

Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run with elevated permissions. To limit access to some dangerous artifact, Velociraptor allows for those to require high permissions like EXECVE to launch...

CVE-2025-6264

Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run with elevated permissions. To limit access to some dangerous artifact, Velociraptor allows for those to require high permissions like EXECVE to launch...

PT-2025-26266

Name of the Vulnerable Software and Affected Versions Velociraptor affected versions not specified Description The issue concerns the Velociraptor's artifact collection feature, which allows users to collect and execute VQL queries packaged into artifacts from endpoints. These artifacts typically...

Velociraptor 安全漏洞

Velociraptor is a Velocidex open source tool for collecting host-based state information using Velociraptor Query Language VQL queries. A security vulnerability exists in Velociraptor that stems from the failure of the Admin.Client.UpdateClientConfig artifact to enforce additional privileges, whi...

CVE-2024-23724: Ghost CMS Stored XSS Leading to Owner Takeover

The post CVE-2024-23724: Ghost CMS Stored XSS Leading to Owner Takeover appeared first on Rhino Security Labs...

DarkGate: New password stealer & cryptomining malware hits Windows devices

By Waqas "DarkGate" malware uses Akamai, AWS DNS records and multiple payloads for cryptomining, credential theft and endpoint takeover. A sophisticated malware campaign has been identified by an enSilo researcher that hasn’t been detected before and is quite advanced than many of the malware...