Tag
#git
An issue in the component IPAddressBitsDivision of IPAddress v5.1.0 leads to an infinite loop.
An issue in the component `GroovyEngine.execute` of JLine v3.24.1 allows attackers to cause an out-of-memory (OOM) error.
easy-rules-mvel v4.1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component `mVELRule`.
Mattermost version 8.1.6 and earlier fails to sanitize channel mention data in posts, which allows an attacker to inject markup in the web client.
It was a year of devastating cyberattacks around the globe, from ransomware attacks on casinos to state-sponsored breaches of critical infrastructure.
Nation-state actors affiliated with North Korea have been observed using spear-phishing attacks to deliver an assortment of backdoors and tools such as AppleSeed, Meterpreter, and TinyNuke to seize control of compromised machines. South Korea-based cybersecurity company AhnLab attributed the activity to an advanced persistent threat group known as Kimsuky. “A notable point about attacks that
Ransomware gangs don't always win, and when they don't, it feels pretty great.
Microsoft on Thursday said it’s once again disabling the ms-appinstaller protocol handler by default following its abuse by multiple threat actors to distribute malware. “The observed threat actor activity abuses the current implementation of the ms-appinstaller protocol handler as an access vector for malware that may lead to ransomware distribution,” the Microsoft Threat Intelligence
A vulnerability has been found in ShifuML shifu 0.12.0 and classified as critical. An unknown function in the file src/main/java/ml/shifu/shifu/core/DataPurifier.java of the component Java Expression Language Handler is affected. Manipulation of the argument FilterExpression leads to code injection. The attack can be launched remotely. The complexity of an attack is rather high, and exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249151.
### Impact Users with access to backend forms that include a [ColorPicker FormWidget](https://wintercms.com/docs/v1.2/docs/backend/forms#color-picker) can provide a value that would then be rendered unescaped in the backend form, potentially allowing for a stored XSS attack. By default, only the Brand Settings (`backend.manage_branding`) and Mail Brand Settings (`system.manage_mail_templates`) forms include the `colorpicker` formwidget; however, it is also common for themes to include it on their Theme Customization (`cms.manage_theme_options`) form. Although this was a security issue, it's important to note that its severity is relatively low. To exploit the vulnerability, an attacker would already need to have trusted access to the Winter CMS backend, and they would then need to convince a user with higher privileges than them to visit an affected form in the backend. These two factors limit the potential harm of this vulnerability. That being said, all users are advised to update ...