Latest News

DDoSecrets indexes 410GB of breached TeleMessage data, including messages and metadata, from hack tied to unsecured Signal clone used by US government officials.

The online service has since been shut down as the agency grapples with the cyberattack, though it assures the public that those most in need of legal assistance will still be able to access help.

The UK Legal Aid Agency has suffered a major cyberattack, with “significant” sensitive data, including criminal records, stolen.…

Eric Council Jr. sentenced for 2024 SIM swap that led to fake Bitcoin ETF tweet from SEC’s X account, briefly impacting crypto markets.

### Summary A path traversal vulnerability in `PackageIndex` was fixed in setuptools version 78.1.1 ### Details ``` def _download_url(self, url, tmpdir): # Determine download filename # name, _fragment = egg_info_for_url(url) if name: while '..' in name: name = name.replace('..', '.').replace('\\', '_') else: name = "__downloaded__" # default if URL has no path contents if name.endswith('.[egg.zip](http://egg.zip/)'): name = name[:-4] # strip the extra .zip before download --> filename = os.path.join(tmpdir, name) ``` Here: https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88 `os.path.join()` discards the first argument `tmpdir` if the second begins with a slash or drive letter. `name` is derived from a URL without sufficient sanitization. While there is some attempt to sanitize by replacing instanc...

Sequoia Capital partner Shaun Maguire said in a webinar hosted by Israel’s Defense Ministry that he connected the IDF with SpaceX’s Starlink satellite internet far sooner than believed.

### Summary  A command echoing feature in the framework allows users to indirectly trigger privileged behavior by injecting special platform tags. Specifically, an unauthorized user can use the `/echo <qqbot-at-everyone />` command to cause the bot to send a message that mentions all members in the chat, bypassing any permission controls. This can lead to spam, disruption, or abuse of notification systems.  ### Details  The framework provides a command `/echo` that causes the bot to repeat any user-provided message verbatim in the group chat. However, the bot fails to sanitize or filter platform-specific control elements such as `<qqbot-at-everyone />`, which, when included in a message, mentions everyone (i.e., @全体成员). While normal users are forbidden from using this tag in normal chats, the bot, which has higher privileges, is allowed to do so.  Since the `/echo` command blindly echoes any content, a user can exploit this by sending:  ``` /echo <qqbot-at-everyone /> ```  The bo...

### LibreNMS v25.4.0 suffers from Stored Cross-Site Scripting (XSS) Vulnerability in the 'group name' parameter of the 'http://localhost/poller/groups' form. This vulnerability allows attackers to inject malicious scripts into web pages viewed by other users. ## ---------------------------------POC----------------------------- Before Setting: Enable 'distributed_poller' in http://localhost/settings/poller/distributed 1. Attacker creates a new poller group and injects the payload in the 'group name' parameter ``` payload: <script>alert('XSS')</script> ``` 2. Victim navigates to the 'http://localhost/addhost' to add a new host 3. The payload is executed code sink: https://github.com/librenms/librenms/blob/25.4.0/includes/html/pages/addhost.inc.php#L284

This week on the Lock and Code podcast, we speak with Nick Melvoin about the Los Angeles Unified School District smartphone ban for students.

The ABB Cylon FLXeon BACnet controller suffers from a configuration poisoning vulnerability in the put() function of bbmdList.js, where the writeFile() function is invoked to persist user-controlled data (req.body.bipList and req.body.natList) directly into sensitive configuration files (/etc/bdt.txt and /etc/bdt2.txt). This write operation lacks input validation and integrity checks allowing an attacker to supply crafted JSON payloads to inject or overwrite trusted BACnet BBMD entries. As these files are critical for network configuration, exploitation may result in unauthorized network redirection, denial of service, or insertion of rogue nodes into the system, thereby undermining the integrity and security of OT network communications.