Latest News
Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.28 allows an index out-of-range panic in asn1/aper GetBitString via a zero value of numBits.
Cybersecurity tips to protect your cryptocurrency from hackers, scams, and fraud. Learn best practices for securing digital assets…
Plus: A nominee to lead CISA emerges, Elon Musk visits the NSA, a renowned crypto cracking firm’s secret (and problematic) cofounder is revealed, and more.
tj-actions changed-files through 45.0.7 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were not originally affected, but were modified by a threat actor to point at commit 0e58ed8, which contains the malicious updateFeatures code.)
Cybersecurity researchers have warned of a malicious campaign targeting users of the Python Package Index (PyPI) repository with bogus libraries masquerading as "time" related utilities, but harboring hidden functionality to steal sensitive data such as cloud access tokens. Software supply chain security firm ReversingLabs said it discovered two sets of packages totaling 20 of them. The packages
A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. In this scam, dubbed "ClickFix," the visitor to a hacked or malicious website is asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware.
### Impact A maliciously crafted QPY file containing can potentially execute arbitrary-code embedded in the payload without privilege escalation when deserializing QPY formats < 13. A python process calling Qiskit's `qiskit.qpy.load()` function could potentially execute any arbitrary Python code embedded in the correct place in the binary file as part of specially constructed payload. ### Patches Fixed in Qiskit 1.4.2 and in Qiskit 2.0.0rc2
**Description:** The `secure_redundant_execution` function in feldman_vss.py attempts to mitigate fault injection attacks by executing a function multiple times and comparing results. However, several critical weaknesses exist: 1. Python's execution environment cannot guarantee true isolation between redundant executions 2. The constant-time comparison implementation in Python is subject to timing variations 3. The randomized execution order and timing provide insufficient protection against sophisticated fault attacks 4. The error handling may leak timing information about partial execution results These limitations make the protection ineffective against targeted fault injection attacks, especially from attackers with physical access to the hardware. **Impact:** A successful fault injection attack could allow an attacker to: 1. Bypass the redundancy check mechanisms 2. Extract secret polynomial coefficients during share generation or verification 3. Force the acceptance of inva...
**Description:** The `feldman_vss` library contains timing side-channel vulnerabilities in its matrix operations, specifically within the `_find_secure_pivot` function and potentially other parts of `_secure_matrix_solve`. These vulnerabilities are due to Python's execution model, which does not guarantee constant-time execution. An attacker with the ability to measure the execution time of these functions (e.g., through repeated calls with carefully crafted inputs) could potentially recover secret information used in the Verifiable Secret Sharing (VSS) scheme. The `_find_secure_pivot` function, used during Gaussian elimination in `_secure_matrix_solve`, attempts to find a non-zero pivot element. However, the conditional statement `if matrix[row][col] != 0 and row_random < min_value:` has execution time that depends on the value of `matrix[row][col]`. This timing difference can be exploited by an attacker. The `constant_time_compare` function in this file also does not provide a con...
### Impact XSS vulnerability when the sanitizer is used with a `contentEditable` element to set the elements `innerHTML` to a sanitized string produced by the package. If the code is particularly crafted to abuse the code beautifier, that runs AFTER sanitation. ### Patches Patched in version 2.0.3