NimPlant - A Light-Weight First-Stage C2 Implant Written In Nim

ByCas van Cooten @chvancooten, with special thanks to some awesome folks: Fabian Mosch @S3cur3Th1sSh1t for sharing dynamic invocation implementation in Nim and the Ekko sleep mask function snovvcrash @snovvcrash for adding the initial version of execute-assembly & self-deleting implant option...

Debian: Security Advisory (DLA-666-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: golang-1.19.6-1.fc36

The Go Programming Language...

Fedora: Security Advisory for golang (FEDORA-2023-ce66f112b2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2018-1000810

The Rust Programming Language Standard Library version 1.29.0, 1.28.0, 1.27.2, 1.27.1, 127.0, 126.2, 126.1, 126.0 contains a CWE-680: Integer Overflow to Buffer Overflow vulnerability in standard library that can result in buffer overflow. This attack appear to be exploitable via str::repeat,...

SUSE CVE-2021-41816

CGI.escapehtml in Ruby before 2.7.5 and 3.x before 3.0.3 has an integer overflow and resultant buffer overflow via a long string on platforms such as Windows where sizet and long have different numbers of bytes. This also affects the CGI gem before 0.3.1 for Ruby...

The vulnerability of the Cargo package manager in the Rust programming language, which allows attackers to compromise the integrity of the protected information

The vulnerability of the Cargo package manager in the Rust programming language is related to incorrect verification of the cryptographic signature. Exploiting this vulnerability allows a malicious actor to influence the integrity of the protected information via the SSH protocol...

Introducing Microservices Patterns with Spring Integration

Hey Spring Community! I hope you are enjoying Spring One Essentials these days. The most exciting feature for me is an Observability which is spread throughout the Spring portfolio from now on. Nevertheless, today I’d like to share with a project I’m working on since holidays, where the mentioned...

Introducing Microservices Patterns with Spring Integration

Hey Spring Community! I hope you are enjoying Spring One Essentials these days. The most exciting feature for me is an Observability which is spread throughout the Spring portfolio from now on. Nevertheless, today I’d like to share with a project I’m working on since holidays, where the mentioned...

RLSA-2023:0328 Moderate: go-toolset and golang security and bug fix update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler. Security Fixes: golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputi...

Fedora: Security Advisory for rust (FEDORA-2023-575fcaf4bf)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: rust-1.66.1-1.fc36

Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...

Google to support the use of Rust in Chromium

In a blog by the Chrome security team we learned that the Chromium project is going to support the use of third-party Rust libraries from C++ in Chromium. This is good news because Rust is a so-called memory-safe programming language. So using it in a widespread program like Chrome and the other...

[SECURITY] Fedora 36 Update: golang-1.18.9-1.fc36

The Go Programming Language...

[SECURITY] Fedora 37 Update: golang-1.19.4-1.fc37

The Go Programming Language...

[SECURITY] Fedora 36 Update: python3.11-3.11.1-1.fc36

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

[SECURITY] Fedora 36 Update: python3.12-3.12.0~a3-1.fc36

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable:...

Fedora: Security Advisory for python3.12 (FEDORA-2022-de755fd092)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

A New GoLang Botnet named GoTrim BruteForcing multiple CMS

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new GoTrim botnet has been scanning and brute-forcing on the four Content Management Systems WordPress, DataLife Engine, Joomla!, and OpenCart websites. GoTrim botnet is written in Go Programming...

Cross site scripting

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an unauthenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...