Latest News
Plus: Apple turns off end-to-end encrypted iCloud backups in the UK after pressure to install a backdoor, and two spyware apps expose victim data—and the identities of people who installed the apps.
Cryptocurrency exchange Bybit on Friday revealed that a "sophisticated" attack led to the theft of over $1.46 billion worth of cryptocurrency from one of its Ethereum cold (offline) wallets, making it the largest ever single crypto heist in history. "The incident occurred when our ETH multisig cold wallet executed a transfer to our warm wallet. Unfortunately, this transaction was manipulated
OpenAI on Friday revealed that it banned a set of accounts that used its ChatGPT tool to develop a suspected artificial intelligence (AI)-powered surveillance tool. The social media listening tool is said to likely originate from China and is powered by one of Meta's Llama models, with the accounts in question using the AI company's models to generate detailed descriptions and analyze documents
### Summary There is a cross-site scripting vulnerability on To-Do that affects a title field of a To-Do.
### Summary HTML can be arbitrarily injected into emails from Leantime due to improper neutralization of HTML tags in users' first names. This effectively allows for the creation of phishing emails from a Leantime instance's email address.
### Finding Description Application has functionality for a user to view profile information. It does not have an implemented authorization check for "Host" parameter which allows a user to view profile information of another user by replacing "Host" parameter. ### Impact By exploiting this vulnerability an attacker can able to view profile information (but not anything else or change anything)
### Impact A heap buffer overflow was found in Exiv2 versions v0.28.0 to v0.28.4. Versions prior to v0.28.0, such as v0.27.7, are **not** affected. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. The heap overflow is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to gain code execution, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as `fixiso`. ### Patches The bug is fixed in version v0.28.5. ### References Issue: https://github.com/Exiv2/exiv2/issues/3168 Fix: https://github.com/Exiv2/exiv2/pull/3174 ### For more information Please see our [s...
### Description Leantime allows stored cross-site scripting (XSS) in the API key name while generating the API key. ### Impact Any low privileged user like manager, or editor, can create an API key with XSS payload. When admin will visit the Company page, the XSS will automatically get triggerred leading to the unauthorized action performed from the ADMIN account. Like, removing any user, or adding someone else as high privilege, and many more.
**CSRF** ### Summary A cross-site request forgery vulnerability allows a remote actor to create an account with Owner privileges. By luring an Owner or Administrator into clicking a button on an attacker-controlled website, a request will be issued, generating an account with the attacker's information and role of their choosing. ### Impact While the likelihood of a successful exploit is low, the impact would be high as the attacker could then gain complete control over the victim's environment.
### Summary A cross-site scripting (XSS) vulnerability has been identified in Leantime. The vulnerability allows an attacker to inject malicious scripts into certain fields, potentially leading to the execution of arbitrary code or unauthorized access to user-sensitive information. The code does not include any validation or sanitization of the $_GET["id"] parameter. As a result, it directly incorporates the user-supplied value into the source path without any checks.