Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a single opened GitHub issue. Because Anthropic's own action repo used the same workflow, a working attack could have pushed...

The vulnerability of the unflattendtnodes() function in the Linux kernel’s Device Tree driver allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the unflattendtnodes function in the drivers/of/fdt.c module of the Linux kernel’s Device Tree driver is related to a single-issue error. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

Funds are transferred to saleRecipient before settlement

This issue has been created to subdivide a multi-part submission to a single, medium severity finding. See issue 50 and in particular, judge @0xleastwood's comment here. --- The text was updated successfully, but these errors were encountered: All reactions...