2 matches found
MAL-2024-1657 Malicious code in nodem0m (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ae93a7345bbc51bd2c0a267dc582cf90302284606b0f569ae06f4dc6a26f801a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Slack: Unauthenticated LFI revealing log information
@juji found a bug which allowed the disclosure of local files on certain servers - this included PHP files and logs. We performed a thorough investigation to ensure that this issue was not exploited, and as a precaution revoked tokens which were inadvertently logged. Thanks @juji! Write-up...