#git

Plus: The US indicts North Koreans in fake IT worker scheme, file-sharing firm Cleo warns customers to patch a vulnerability amid live attacks, and more.

Another day, another healthcare database misconfiguration exposing sensitive patient information.

Businesses deploying large language models and other GenAI systems have a growing collection of open source tools for testing AI security.

### Impact Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. ### Patches Users should upgrade to version 3.16.1 where the `update-settings` endpoint blocks the ability for users to update the `enable_custom_filters` flag. You can find out more information on how to turn that flag on [here](https://github.com/man-group/dtale#custom-filter) ### Workarounds The only workaround for versions earlier than 3.16.1 is to only host D-Tale to trusted users. ### References See "Custom Filter" [documentation](https://github.com/man-group/dtale#custom-filter)

### Summary A vulnerability exists in the FAQ Record component where a privileged attacker can trigger a file download on a victim's machine upon page visit by embedding it in an <iframe> element without user interaction or explicit consent. ### Details In http://localhost/admin/index.php?action=editentry&id=20&lang=en, where a FAQ record is either created or edited, an attacker can insert an iframe, as "source code", pointing to a prior "malicious" attachment that the attacker has uploaded via FAQ "new attachment" upload, such that any page visits to this FAQ will trigger an automated download (from the edit screen, download is automated; from the faq page view as a normal user, depending on the browser, a pop up confirmation may be presented before the actual download. Firebox browser, for instance, does not require any interactions).  ### PoC 1. create a new FAQ record and upload a "maliciou...

A vulnerability has been discovered in Laravel Pulse that could allow remote code execution through the public `remember()` method in the `Laravel\Pulse\Livewire\Concerns\RemembersQueries` trait. This method is accessible via Livewire components and can be exploited to call arbitrary callables within the application. ### Impact An authenticated user with access to Laravel Pulse dashboard can execute arbitrary code by calling any function or static method that meets the following criteria: - The callable is a function or static method - The callable has no parameters or no strict parameter types ### Vulnerable Components - The `remember(callable $query, string $key = '')` method in `Laravel\Pulse\Livewire\Concerns\RemembersQueries` - Affects all Pulse card components that use this trait ### Attack Vectors The vulnerability can be exploited through Livewire component interactions, for example: ```php wire:click="remember('\\Illuminate\\Support\\Facades\\Config::all', 'config')" `...

A now-removed GitHub repository that advertised a WordPress tool to publish posts to the online content management system (CMS) is estimated to have enabled the exfiltration of over 390,000 credentials. The malicious activity is part of a broader attack campaign undertaken by a threat actor, dubbed MUT-1244 (where MUT refers to "mysterious unattributed threat") by Datadog Security Labs, that

Health Tech is booming, projected to grow from $312.92B in 2024 to $981.23B by 2032. Serhiy Tokarev highlights…

Care1, a Canadian healthcare solutions provider left a cloud storage instance freely accessible and unencrypted for anyone to find.