Tag
#ios
### Summary `gix-transport` does not check the username part of a URL for text that the external `ssh` program would interpret as an option. A specially crafted clone URL can smuggle options to SSH. The possibilities are syntactically limited, but if a malicious clone URL is used by an application whose current working directory contains a malicious file, arbitrary code execution occurs. ### Details This is related to the patched vulnerability https://github.com/advisories/GHSA-rrjw-j4m2-mf34, but appears less severe due to a greater attack complexity. Since https://github.com/Byron/gitoxide/pull/1032, `gix-transport` checks the host and path portions of a URL for text that has a `-` in a position that will cause `ssh` to interpret part of all of the URL as an option argument. But it does not check the non-mandatory username portion of the URL. As in Git, when an address is a URL of the form `ssh://username@hostname/path`, or when it takes the special form `username@hostname:dirs/r...
Cybersecurity researchers have discovered a "renewed" cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy. "The latest iteration of LightSpy, dubbed 'F_Warehouse,' boasts a modular framework with extensive spying features," the BlackBerry Threat Research and Intelligence Team said in a report published last
By Deeba Ahmed Apple has issued iPhone security alerts to 92 countries, stating that their devices have been targeted by a mercenary spyware attack, expressing high confidence in the warning. This is a post from HackRead.com Read the original post: iPhone Users in 92 Countries Targeted by Mercenary Spyware Attacks
By Waqas Cybercriminals using deepfakes to target businesses! LastPass narrowly avoids security breach after employee identifies fake CEO in WhatsApp call. Read how LastPass is urging awareness against evolving social engineering tactics. This is a post from HackRead.com Read the original post: LastPass Dodges Deepfake Scam: CEO Impersonation Attempt Thwarted
North Korean hackers break ground with new exploitation techniques for Windows and macOS.
Apple has sent alerts to people in 92 nations to say it's detected that they may have been a victim of a mercenary attack.
Prioritizing security and user experience will help you build a robust and reliable authentication system for your business.
Don't wait for an online harassment campaign to unfairly target you or a loved one. Take these proactive steps today to stay safe.
### Summary The [patch that addressed CVE-2023-40581](https://github.com/yt-dlp/yt-dlp/commit/de015e930747165dbb8fcd360f8775fd973b7d6e) attempted to prevent RCE when using `--exec` with `%q` by replacing double quotes with two double quotes. However, this escaping is not sufficient, and still allows expansion of environment variables. Support for output template expansion in `--exec`, along with this vulnerable behavior, was added to `yt-dlp` in version [2021.04.11](https://github.com/yt-dlp/yt-dlp/releases/tag/2021.04.11). ```cmd > yt-dlp "https://youtu.be/42xO6rVqf2E" --ignore-config -f 18 --exec "echo %(title)q" [youtube] Extracting URL: https://youtu.be/42xO6rVqf2E [youtube] 42xO6rVqf2E: Downloading webpage [youtube] 42xO6rVqf2E: Downloading ios player API JSON [youtube] 42xO6rVqf2E: Downloading android player API JSON [youtube] 42xO6rVqf2E: Downloading m3u8 information [info] 42xO6rVqf2E: Downloading 1 format(s): 18 [download] Destination: %CMDCMDLINE:~-1%&echo pwned&calc.exe [4...
A critical security flaw in the Rust standard library could be exploited to target Windows users and stage command injection attacks. The vulnerability, tracked as CVE-2024-24576, has a CVSS score of 10.0, indicating maximum severity. That said, it only impacts scenarios where batch files are invoked on Windows with untrusted arguments. "The Rust standard library did not properly escape