
1143 matches found

Talos Blog
added 2024/10/03 10:0 a.m. | 16 views

Threat actor believed to be spreading new MedusaLocker variant since 2022

Cisco Talos has discovered a financially motivated threat actor, active since 2022, recently observed delivering a MedusaLocker ransomware variant. Intelligence collected by Talos on tools regularly employed by the threat actor allows us to see an estimate of the amount and countries of origin of...

AI score: 7.5 | Exploits: 0

Spring Engineering
added 2024/10/02 12:0 a.m. | 7 views

Supercharging Your AI Applications with Spring AI Advisors

In the rapidly evolving world of artificial intelligence, developers are constantly seeking ways to enhance their AI applications. Spring AI, a Java framework for building AI-powered applications, has introduced a powerful feature: the Spring AI Advisors. The advisors can supercharge your AI...

AI score: 7 | Exploits: 0

Snyk
added 2024/10/01 6:38 a.m. | 1 views

Cross-site Scripting (XSS)

Overview: ansibleguy-webui is a Basic WebUI for using Ansible. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to insufficient input sanitization when handling and displaying regex patterns. Note: The commit fix partially addresses this vulnerability by introducing escapin...

CVSS: 6.1 | AI score: 5.3 | Exploits: 0 | References: 3

CNNVD
added 2024/09/13 12:0 a.m. | 1 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to check for a successful fill when populating a list of polling patterns, which could result in a...

CVSS: 5.5 | AI score: 6.5 | EPSS: 0.00012 | Exploits: 0 | References: 8

The Hacker News
added 2024/08/14 6:47 a.m. | 17 views

DDoS Attacks Surge 46% in First Half of 2024, Gcore Report Reveals

Monitoring evolving DDoS trends is essential for anticipating threats and adapting defensive strategies. The comprehensive Gcore Radar Report for the first half of 2024 provides detailed insights into DDoS attack data, showcasing changes in attack patterns and the broader landscape of cyber...

AI score: 7.4 | Exploits: 0

Veracode
added 2024/08/06 11:22 a.m. | 13 views

Ciphertext Leakage

Netbird is vulnerable to Ciphertext Leakage. The vulnerability is due to the use of a static initialization vector (IV) in the Encrypt function within the crypt.go file, which does not change for different encryption operations and allows attackers to expose the sensitive information through...

CVSS: 7.5 | AI score: 6.1 | EPSS: 0.00115 | Exploits: 0 | References: 4 | Affected Software: 1

Malwarebytes
added 2024/07/29 3:24 p.m. | 8 views

US senators ask FTC to investigate car makers’ privacy practices

An ongoing US Senate investigation indicated that connected car makers violate consumer privacy by sharing and selling drivers’ data, including their location, on a vast scale, and that the same car makers often obtain consumer consent through deception. Based on this investigation, senators have...

AI score: 7 | Exploits: 0

NVD
added 2024/07/03 7:15 p.m. | 20 views

CVE-2024-29511

Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, has a directory traversal issue that allows arbitrary file reading and writing of error messages to arbitrary files via OCRLanguage. For example, exploitation can use debugfile /tmp/out and userpatternsfile /etc/passwd...

CVSS: 7.5 | EPSS: 0.00498 | Exploits: 0 | References: 3

OSV
added 2024/07/03 7:15 p.m. | 1 views

DEBIAN-CVE-2024-29511

Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, has a directory traversal issue that allows arbitrary file reading and writing of error messages to arbitrary files via OCRLanguage. For example, exploitation can use debugfile /tmp/out and userpatternsfile /etc/passwd...

CVSS: 7.5 | AI score: 6.6 | EPSS: 0.00498 | Exploits: 0 | References: 1

OSV
added 2024/06/15 12:0 a.m. | 10 views

OPENSUSE-SU-2024:11371-1 sca-patterns-sle15-1.0.8-2.2 on GA media

These are all security issues fixed in the sca-patterns-sle15-1.0.8-2.2 package on the GA media of openSUSE Tumbleweed...

CVSS: 10 | AI score: 7.4 | EPSS: 0.9438 | Exploits: 81 | References: 5

OSV
added 2024/06/15 12:0 a.m. | 20 views

OPENSUSE-SU-2024:11369-1 sca-patterns-sle11-1.3.5-1.2 on GA media

These are all security issues fixed in the sca-patterns-sle11-1.3.5-1.2 package on the GA media of openSUSE Tumbleweed...

CVSS: 5.5 | AI score: 6.8 | EPSS: 0.00481 | Exploits: 0 | References: 1

The Hacker News
added 2024/06/14 1:21 p.m. | 18 views

Google's Privacy Sandbox Accused of User Tracking by Austrian Non-Profit

Google's plans to deprecate third-party tracking cookies in its Chrome web browser with Privacy Sandbox has run into fresh trouble after Austrian privacy non-profit noyb (none of your business) said the feature can still be used to track users. "While the so-called 'Privacy Sandbox' is advertised a...

AI score: 6.8 | Exploits: 0

OpenVAS
added 2024/06/07 12:0 a.m. | 9 views

Fedora: Security Advisory for qt5-qtxmlpatterns (FEDORA-2024-2e27372d4c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 9.8 | AI score: 10 | EPSS: 0.00483 | Exploits: 0 | References: 2

Fedora
added 2024/06/05 1:41 a.m. | 8 views

[SECURITY] Fedora 40 Update: qt5-qtxmlpatterns-5.15.14-1.fc40

The Qt XML Patterns module provides support for XPath, XQuery, XSLT, and XML Schema validation...

CVSS: 9.8 | AI score: 6.6 | EPSS: 0.00483 | Exploits: 0

Kitploit
added 2024/06/04 12:30 p.m. | 22 views

ROPDump - A Command-Line Tool Designed To Analyze Binary Executables For Potential Return-Oriented Programming (ROP) Gadgets, Buffer Overflow Vulnerabilities, And Memory Leaks

ROPDump is a tool for analyzing binary executables to identify potential Return-Oriented Programming (ROP) gadgets, as well as detecting potential buffer overflow and memory leak vulnerabilities. Features: Identifies potential ROP gadgets in binary executables. Detects potential buffer overflow...

AI score: 7.9 | Exploits: 0 | References: 1

Tenable Nessus
added 2024/06/03 12:0 a.m. | 22 views

RHEL 7 : pcre (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pcre: inefficient posix character class syntax check (8.38/16) (CVE-2015-8391) - pcre: Integer overflow cause...

CVSS: 9.8 | AI score: 9.7 | EPSS: 0.0752 | Exploits: 6 | References: 20

Github Security Blog
added 2024/05/30 2:59 p.m. | 16 views

TYPO3 Cross-Site Scripting in Frontend User Login

Failing to properly encode user input, login status display is vulnerable to cross-site scripting in the website frontend. A valid user account is needed in order to exploit this vulnerability - either a backend user or a frontend user having the possibility to modify their user profile. Template...

AI score: 6.4 | Exploits: 0 | References: 3 | Affected Software: 1

Fedora
added 2024/05/26 1:29 a.m. | 6 views

[SECURITY] Fedora 40 Update: rust-uu_csplit-0.0.23-3.fc40

Csplit uutils Output pieces of FILE separated by PATTERNs to files 'xx00', 'xx01', ..., and output byte counts of each piece to standard output...

AI score: 7.3 | Exploits: 0

RedHat Linux
added 2024/05/22 9:48 a.m. | 2 views

golang: regexp/syntax: limit memory used by parsing regexps

A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as...

CVSS: 7.5 | AI score: 6.6 | EPSS: 0.00016 | Exploits: 0 | References: 6

Veracode
added 2024/05/07 6:43 a.m. | 12 views

Improper Origin Validation

github.com/jub0bs/cors is vulnerable to Improper Origin Validation. The vulnerability is due to middleware configured with multiple origin patterns that share a similar suffix, which mistakenly permits access from some untrusted origins, potentially leading to cross-origin attacks...

AI score: 7 | Exploits: 0