Tag
#auth
By Deeba Ahmed. Group-IB Report Warns of Evolving Cyber Threats Including AI and macOS Vulnerabilities and Ransomware Attacks. This is a post from HackRead.com. Read the original post: Report Uncovers Massive Sale of Compromised ChatGPT Credentials
Hello everyone! In this episode, I will talk about the February updates of my open source projects, also about projects at my main job at Positive Technologies and interesting vulnerabilities. Alternative video link (for Russia): https://vk.com/video-149273431_456239140 Let’s start with my open source projects. Vulremi A simple vulnerability remediation utility, Vulremi, now has a logo and […]
### Summary

A Minder user can use the endpoints listed in the issue title to access any repository in the DB, irrespective of who owns the repo and any permissions that user may have.

### Details

https://github.com/stacklok/minder/blob/e88e4b286e4bc04c03b0332a77961f085e1aa77f/database/query/repositories.sql#L22-L23
https://github.com/stacklok/minder/blob/a115c8524fbd582b2b277eaadce024bebbded508/internal/controlplane/handlers_repositories.go#L277-L278

The DB query used here checks by repo owner, repo name and provider name (which is always "github"). These query values are not distinct for the particular user - as long as the user has valid credentials and a provider, they can set the repo owner/name to any value they want and the server will return information on this repo. `DeleteRepositoryByName` uses the same query and I have been able to delete another user's repo using this technique. The `GetArtifactByName` endpoint also uses this DB query. I have not reproduced the behaviou...
RT-Thread RTOS versions 5.0.2 and below suffer from multiple buffer overflows, a weak random source in rt_random driver, and various other vulnerabilities.
RAD SecFlow-2 devices with Hardware 0202, Firmware 4.1.01.63, and U-Boot 2010.12 suffer from a directory traversal vulnerability.
Solar-Log 200 PM+ version 3.6.0 suffers from a persistent cross site scripting vulnerability.
WordPress Neon Text plugin versions 1.1 and below suffer from a persistent cross site scripting vulnerability.
KK Star Ratings versions prior to 5.4.6 suffer from rate tampering via a race condition vulnerability.
American Express has warned affected customers about a breach at a merchant processor that leaked account numbers, names, and card expiration dates.
Cisco Talos observed a surge in malicious activity by the hacking group GhostSec over the past year. GhostSec has evolved with a new GhostLocker 2.0 ransomware, a Golang variant of the GhostLocker ransomware.