9 matches found
CVE-2026-34783
Ferret is a declarative system for working with web data. Prior to 2.0.0-alpha.4, a path traversal vulnerability in Ferret's IO::FS::WRITE standard library function allows a malicious website to write arbitrary files to the filesystem of the machine running Ferret. When an operator scrapes a...
GHSA-J6V5-G24H-VG4J Ferret: Path Traversal in IO::FS::WRITE allows arbitrary file write when scraping malicious websites
Summary A path traversal vulnerability in Ferret's IO::FS::WRITE standard library function allows a malicious website to write arbitrary files to the filesystem of the machine running Ferret. When an operator scrapes a website that returns filenames containing ../ sequences, and uses those...
A Common Pool of Privacy Problems: Legal and Technical Lessons from a Large-Scale Web-Scraped Machine Learning Dataset
We investigate the contents of web-scraped data for training AI systems, at sizes where human dataset curators and compilers no longer manually annotate every sample. Building off of prior privacy concerns in machine learning models, we ask: What are the legal privacy implications of web-scraped...
PYSEC-2025-7 Posts scraped data to IP address associated with other malware distribution attacks.
Published in 2021, the imblog package is a Python library that scrapes data from a blog page to an IP address associated with other malware distribution attacks...
Google Open Sources Magika: AI-Powered File Identification Tool
Google has announced that it's open-sourcing Magika, an artificial intelligence AI-powered tool to identify file types, to help defenders accurately detect binary and textual file types. "Magika outperforms conventional file identification methods providing an overall 30% accuracy boost and up to...
Hacker Leaks 35 Million Scraped LinkedIn User Records
By Waqas The hacker responsible for this leak is the same individual who previously leaked databases from InfraGard and Twitter. This is a post from HackRead.com Read the original post: Hacker Leaks 35 Million Scraped LinkedIn User Records...
Spyware Vendor Hacked
A Brazilian spyware app vendor was hacked by activists: In an undated note seen by TechCrunch, the unnamed hackers described how they found and exploited several security vulnerabilities that allowed them to compromise WebDetetive’s servers and access its user databases. By exploiting other flaws...
400 Million Twitter Users’ Scraped Info Goes on Sale!
By Habiba Rashid The threat actor claims that Twitter data was "scraped via a vulnerability." This is a post from HackRead.com Read the original post: 400 Million Twitter Users Scraped Info Goes on Sale!...
Oh Look, LinkedIn Also Had 500M Users' Data Scraped
Plus: A bad Zoom bug, a billion-dollar cocaine bust, and more of the week's top security news...