Security
Headlines
HeadlinesLatestCVEs

Tag

#git

Malware Infects Linux and macOS via Typosquatted Go Packages

Socket exposes a typosquatting campaign delivering malware to Linux and macOS systems via malicious Go packages. Discover the…

HackRead
Open in Source
#web#mac#linux#git#rce
Android botnet BadBox largely disrupted

Removing 24 malicious apps from the Google Play store and silencing some servers has almost halved the BadBox botnet.

US Charges 12 in Chinese Hacker Network, Offers $10M Reward

U.S. indicts 12 in Chinese Hacker-for-Hire Network tied to cyber attacks on governments & media. DOJ offers $10M reward for info on key suspects.

The US Army Is Using ‘CamoGPT’ to Purge DEI From Training Materials

Developed to boost productivity and operational readiness, the AI is now being used to “review” diversity, equity, inclusion, and accessibility policies to align them with President Trump’s orders.

Unmasking the new persistent attacks on Japan

Cisco Talos has discovered an active exploitation of CVE-2024-4577 by an attacker in order to gain access to the victim's machines and carry out post-exploitation activities.

GHSA-7g95-jmg9-h524: Jenkins cross-site request forgery (CSRF) vulnerability

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not require POST requests for the HTTP endpoint toggling collapsed/expanded status of sidepanel widgets (e.g., Build Queue and Build Executor Status widgets), resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to have users toggle their collapsed/expanded status of sidepanel widgets. Additionally, as the API accepts any string as the identifier of the panel ID to be toggled, attacker-controlled content can be stored in the victim’s user profile in Jenkins. Jenkins 2.500, LTS 2.492.2 requires POST requests for the affected HTTP endpoint.

GHSA-hw43-fcmm-3m5g: Emissary May Use a Broken or Risky Cryptographic Algorithm

### Summary The ChecksumCalculator class within allows for hashing and checksum generation, but it includes or defaults to algorithms that are no longer recommended for secure cryptographic use cases (e.g., SHA-1, CRC32, and SSDEEP). These algorithms, while possibly valid for certain non-security-critical tasks, can expose users to security risks if used in scenarios where strong cryptographic guarantees are required. ### Requirement from NIST Requirement from NIST regarding SHA1 https://csrc.nist.gov/projects/hash-functions#:~:text=NIST%20deprecated%20the%20use%20of,use%20of%20the%20SHA%2D1. > Federal agencies should use SHA-2 or SHA-3 as an alternative to SHA-1. > Further guidance will be available soon. Send questions on the transition to [email protected]. https://www.nist.gov/news-events/news/2022/12/nist-retires-sha-1-cryptographic-algorithm ### Mitigation and Fix Make it clear to developers and users that the ChecksumCalculator is specific to the "Known File Filter...

GHSA-8366-xmgf-334f: REDAXO allows Authenticated Reflected Cross Site Scripting - packages installation

### Summary Reflected cross-site scripting (XSS) is a type of web vulnerability that occurs when a web application fails to properly sanitize user input, allowing an attacker to inject malicious code into the application's response to a user's request. When the user's browser receives the response, the malicious code is executed, potentially allowing the attacker to steal sensitive information or take control of the user's account. ### Details On the latest version of Redaxo, v5.18.2, the rex-api-result parameter is vulnerable to Reflected cross-site scripting (XSS) on the page of AddOns. ### PoC 1. Login Redaxo as administrative user. 2. Navigate to the URL: [http://localhost/redaxo/index.php?page=packages&rex-api-call=package&&rex-api-result={%22succeeded%22%3Atrue%2C%22message%22%3A%22%3Cimg%20src=x%20onerror=alert(document.domain);%3E%22}](http://localhost/redaxo/index.php?page=packages&rex-api-call=package&&rex-api-result=%7B%22succeeded%22%3Atrue%2C%22message%22%3A%22%3Cimg%20s...

GHSA-wppf-gqj5-fc4f: REDAXO allows Arbitrary File Upload in the mediapool page

### Summary An arbitrary file upload vulnerability was identified in the redaxo. This flaw permits users to upload malicious files, which can lead to JavaScript code execution and distribute malware. ### Details On the latest version of Redaxo, v5.18.2, the mediapool/media page is vulnerable to arbitrary file upload. ### PoC 1. Log in to the portal then navigate to `Mediapool`. 2. Upload a png file (ex: poc.png) ![1](https://github.com/user-attachments/assets/e9165434-d2cd-437b-87a3-f9527d4f3070) 3. Intercept the upload HTTP request on burp suite and change `filename: poc.1html`, `Content-Type:image/html` and insert the malicious html code. (ex: `<IFRAME SRC="javascript:alert(1);"></IFRAME>`) ![2](https://github.com/user-attachments/assets/f8da0e6b-e807-46be-a867-dc31b1e13e57) 4. Forward the request. 5. Navigate to the file. ![3](https://github.com/user-attachments/assets/4c44c5cf-8467-452d-b249-cf2d72e0d328) ![4](https://github.com/user-attachments/assets/29db80e3-a5b9-43...