Latest News

### Impact Making crafted requests could lead to information disclosure that could further lead to account takeover. ### Workarounds There's no workaround to fix this without upgrading. ### Credits Thanks to Thanh of Calif.io for reporting the issue

### Impact A system user was able to create certain documents in a specific way that could lead to RCE. ### Workarounds There's no workaround, an upgrade is required. ### Credits Thanks to Thanh of Calif.io for reporting the issue

### Impact An SQL Injection vulnerability has been identified in Frappe Framework which could allow a malicious actor to access sensitive information. ### Workarounds Upgrading is required, no other workaround is present. ### Credits Thanks to Thanh of Calif.io for reporting the issue

McAfee Labs reveals new Android malware exploiting .NET MAUI to steal user data. Learn about advanced evasion techniques and how to stay protected.

Alisa Viejo, United States, 25th March 2025, CyberNewsWire

### Summary The contents of arbitrary files can be returned to the browser. ### Impact Only apps explicitly exposing the Vite dev server to the network (using `--host` or [`server.host` config option](https://vitejs.dev/config/server-options.html#server-host)) are affected. ### Details `@fs` denies access to files outside of Vite serving allow list. Adding `?raw??` or `?import&raw??` to the URL bypasses this limitation and returns the file content if it exists. This bypass exists because trailing separators such as `?` are removed in several places, but are not accounted for in query string regexes. ### PoC ```bash $ npm create vite@latest $ cd vite-project/ $ npm install $ npm run dev $ echo "top secret content" > /tmp/secret.txt # expected behaviour $ curl "http://localhost:5173/@fs/tmp/secret.txt" <body> <h1>403 Restricted</h1> <p>The request url &quot;/tmp/secret.txt&quot; is outside of Vite serving allow list. # security bypassed $ curl "http://localhost:517...

A new investigation has unearthed nearly 200 unique command-and-control (C2) domains associated with a malware called Raspberry Robin. "Raspberry Robin (also known as Roshtyak or Storm-0856) is a complex and evolving threat actor that provides initial access broker (IAB) services to numerous criminal groups, many of which have connections to Russia," Silent Push said in a report shared with The

Ramat Gan, Israel, 25th March 2025, CyberNewsWire

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Verve Asset Manager Vulnerability: Improper Validation of Specified Type of Input 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with administrative access to run arbitrary commands in the context of the container running the service. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Rockwell Automation reports the following versions of Verve Asset Manager are affected: Verve Asset Manager: Versions 1.39 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER VALIDATION OF SPECIFIED TYPE OF INPUT CWE-1287 A vulnerability exists in the affected product due to insufficient variable sanitizing. A portion of the administrative web interface for Verve's Legacy Active Directory Interface (ADI) capability (deprecated since the 1.36 release) allows users to change a variable with inadequate sanitizing. If exploited, it could allo...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: RMC-100 Vulnerability: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to send a specially crafted message to the web UI, causing a temporary denial of service until the interface can be restarted. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS ABB reports that the following products are affected when the REST interface is enabled: RMC-100: Versions 2105457-036 to 2105457-044 RMC-100 LITE: Versions 2106229-010 to 2106229-016 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPERLY CONTROLLED MODIFICATION OF OBJECT PROTOTYPE ATTRIBUTES ('PROTOTYPE POLLUTION') CWE-1321 A vulnerability exists in the web UI (REST interface) included in the product versions listed above. An attacker could exploit the vulnerability by sending a specially crafted message to the w...