Latest News
# Summary

When loading an (untrusted) XML document, for example the SAMLResponse, it's possible to induce an XXE.

## Mitigation

Remove the `LIBXML_DTDLOAD | LIBXML_DTDATTR` options from `$options` in: https://github.com/simplesamlphp/saml2/blob/717c0adc4877ebd58428637e5626345e59fa0109/src/SAML2/DOMDocumentFactory.php#L41

## Background / details

To be published on Dec 8.
### Impact

There is a vulnerability in Traefik that allows the client to provide the `X-Forwarded-Prefix` header from an untrusted source.

### Patches

- https://github.com/traefik/traefik/releases/tag/v2.11.14
- https://github.com/traefik/traefik/releases/tag/v3.2.1

### Workarounds

No workaround.

### For more information

If you have any questions or comments about this advisory, please [open an issue](https://github.com/traefik/traefik/issues).

<details> <summary>Original Description</summary>

### Summary

The previously reported open redirect ([GHSA-6qq8-5wq3-86rp](https://github.com/traefik/traefik/security/advisories/GHSA-6qq8-5wq3-86rp)) is not fixed correctly. The safePrefix function can be tricked to return an absolute URL.

### Details

The Traefik API [dashboard component](https://github.com/traefik/traefik/blob/master/pkg/api/dashboard/dashboard.go) tries to validate that the value of the header X-Forwarded-Prefix is a site relative path: ```go http.Redirect(resp, req,...
Alder Hey Children's Hospital got hit with a ransomware attack, while the nature of an incident at Wirral University Teaching Hospital remains undisclosed.
Summary: A global operation, led by INTERPOL, nets over 5,500 cybercriminals and seizes $400 million in stolen funds.…
The usage of String.toLowerCase() and String.toUpperCase() has some Locale dependent exceptions that could potentially result in authorization rules not working properly.
The playbooks that accompany your incident response plan provide efficiency and consistency in responses, help reduce downtime and dwell time, and can be a cost-saving and reputational-saving measure for your organization.
Taiwanese entities in manufacturing, healthcare, and information technology sectors have become the target of a new campaign distributing the SmokeLoader malware. "SmokeLoader is well-known for its versatility and advanced evasion techniques, and its modular design allows it to perform a wide range of attacks," Fortinet FortiGuard Labs said in a report shared with The Hacker News. "While
Hackers stole $1.48 billion from the crypto industry in 2024. A new report highlights trends in blockchain security, including shifts in target networks.
Microsoft is readying a new release of Windows in 2025 that will have significant security controls, such as more resilient drivers and a "self-defending" operating system kernel.
The scourge of “malvertising” is nothing new, but the tactic is still so effective that it's contributing to the rise of investment scams and the spread of new strains of malware.