#git

Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 fail to sanitize user inputs in the frontend that are used for redirection which allows for a one-click client-side path traversal that is leading to CSRF in Playbooks

Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1 and 9.5.x <= 9.5.9 fail to prevent detailed error messages from being displayed in Playbooks which allows an attacker to generate a large response and cause an amplified GraphQL response which in turn could cause the application to crash by sending a specially crafted request to Playbooks.

The U.S. government (USG) has issued new guidance governing the use of the Traffic Light Protocol (TLP) to handle the threat intelligence information shared between the private sector, individual researchers, and Federal Departments and Agencies. "The USG follows TLP markings on cybersecurity information voluntarily shared by an individual, company, or other any organization, when not in

Sophos CEO Joe Levy says the $859 million deal to acquire SecureWorks from majority owner Dell Technologies will put the Taegis platform — with network detection and response, vulnerability detection and response, and identity threat detection and response capabilities — at the core.

The nation leads in the number of capture-the-flag tournaments sponsored by government and industry — a strategy from which Western nations could learn.

## Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-r9pp-r4xf-597r. This link is maintained to preserve external references. ## Original Description An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below allows attackers to execute arbitrary code via a crafted HTTP request.

Posing as an application used to locate Ukrainian military recruiters, a Kremlin-backed hacking initiative delivers malware, along with disinformation designed to undermine sign-ups for soldiers in the war against Russia.

LLMs tend to miss the forest for the trees, understanding specific instructions but not their broader context. Bad actors can take advantage of this myopia to get them to do malicious things, with a new prompt-injection technique.

Cary, NC, 28th October 2024, CyberNewsWire

### Summary An issue on Coder's login page allows attackers to craft a Coder URL that when clicked by a logged in user could redirect them to a website the attacker controls, e.g. https://google.com. ### Details On the login page, Coder checks for the presence of a `redirect` query parameter. On successful login, the user would be redirected to the location of the parameter. Improper sanitization allows attackers to specify a URL outside of the Coder application to redirect users to. ### Impact Coder users could potentially be redirected to a untrusted website if tricked into clicking a URL crafted by the attacker. Coder authentication tokens are **not** leaked to the resulting website. To check if your deployment is vulnerable, visit the following URL for your Coder deployment: - `https://<coder url>/login?redirect=https%3A%2F%2Fcoder.com%2Fdocs` ### Patched Versions This vulnerability is remedied in - v2.16.1 - v2.15.3 - v2.14.4 All versions prior to 2.3.1 are not affected. ###...