Security
Headlines

GHSA-p483-wpfp-42cj: code-server's session cookie can be extracted by having user visit specially crafted proxy URL

### Summary
A maliciously crafted URL using the `proxy` subpath can give an attacker access to the user's session token.

### Details
Failure to properly validate the port in a `proxy` request can result in proxying to an arbitrary domain. The malicious URL `https://<code-server>/proxy/[email protected]/path` (the `user@host` portion of the example is masked in this extract) would be proxied to `[email protected]/path`, where the attacker can exfiltrate the user's session token: the text before the `@` is parsed as URL userinfo and the attacker-controlled name after it becomes the host the proxy connects to.

### Impact
Any user who runs code-server with the built-in proxy enabled and clicks a maliciously crafted link to their code-server instance that references `/proxy` is affected. Normally this path is used to proxy local ports; however, the URL can reference the attacker's domain instead, and the connection is then proxied to that domain, which includes sending cookies. With the session cookie, the attacker can log into code-server and gain full access to the host running code-server, as the user running code-server.

### Patches
Patched versions are from...
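The port-validation failure described above, as an added Python example that models the bug rather than reproducing code-server's own source. It assumes the proxy builds its upstream URL by splicing the first path segment after `/proxy/` into the port slot of a local address (`0.0.0.0` here is an assumption), and shows that with no validation an `@` in that segment moves the host to an attacker-controlled name, while a strict decimal-port check rejects it. The sample paths are constructed for the example.

```python
import re
from urllib.parse import urlsplit

# Constructed sample proxy paths (not taken from the advisory). The request
# path after "/proxy/" is modelled as "<port-segment>/<rest>".
BENIGN_PATH = "8080/app/index.html"
MALICIOUS_PATH = "attacker@evil.example/collect"

# Assumption: the proxy forwards to a local wildcard/loopback address.
LOCAL_HOST = "0.0.0.0"


def split_proxy_path(path: str) -> tuple[str, str]:
    """Split '<port-segment>/<rest>' into its two parts."""
    port_segment, _, rest = path.partition("/")
    return port_segment, rest


def proxy_target_unvalidated(port_segment: str, rest: str) -> str:
    """Vulnerable pattern: whatever sits in the port slot is spliced straight
    into the upstream URL. If it contains '@', the text before it becomes
    URL userinfo and the attacker-controlled name after it becomes the host."""
    return f"http://{LOCAL_HOST}:{port_segment}/{rest}"


def validate_port(port_segment: str) -> int:
    """Accept only a plain ASCII decimal TCP port in 1..65535."""
    if not re.fullmatch(r"[0-9]{1,5}", port_segment):
        raise ValueError(f"invalid port segment: {port_segment!r}")
    port = int(port_segment)
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    return port


def proxy_target_validated(port_segment: str, rest: str) -> str:
    """Hardened pattern: validate the port before building the upstream URL,
    so the host component can never be attacker-controlled."""
    port = validate_port(port_segment)
    return f"http://{LOCAL_HOST}:{port}/{rest}"


def upstream_host(target: str) -> str:
    """Host an HTTP client would actually connect to (and send cookies to)."""
    return urlsplit(target).hostname


def demo() -> dict:
    """Run both patterns over the benign and malicious paths."""
    results = {}
    for label, path in (("benign", BENIGN_PATH), ("malicious", MALICIOUS_PATH)):
        seg, rest = split_proxy_path(path)
        results[label + "_unvalidated"] = upstream_host(
            proxy_target_unvalidated(seg, rest))
        try:
            results[label + "_validated"] = upstream_host(
                proxy_target_validated(seg, rest))
        except ValueError:
            results[label + "_validated"] = "rejected"
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The check is deliberately a whitelist of decimal digits rather than a blacklist of `@` or `/`: URL parsers also treat `#`, `?` and percent-encoded sequences in surprising ways, and any character outside `[0-9]` has no business in a port slot.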

Google Chrome will use AI to block tech support scam websites

Google announced that it will equip Chrome with an AI-driven method to detect and block tech support scam websites.

Legacy Login in Microsoft Entra ID Exploited to Breach Cloud Accounts

A flaw in Microsoft Entra ID’s legacy login allowed attackers to bypass MFA, targeting admin accounts across finance,…

Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials

Cybersecurity researchers have flagged three malicious npm packages that are designed to target the Apple macOS version of Cursor, a popular artificial intelligence (AI)-powered source code editor. "Disguised as developer tools offering 'the cheapest Cursor API,' these packages steal user credentials, fetch an encrypted payload from threat actor-controlled infrastructure, overwrite Cursor's

From Complexity to Clarity: The Blueprint for Scalable Workflow Automation

Cloud-native applications offer scalable, automated workflows, intelligent data processing, and seamless deployments. However, many organizations still struggle to…

Tired of Google sponsored ads? So are we! That’s why we’re introducing the option to block them on iOS

We're rolling out a brand new feature in Malwarebytes for iOS: the ability to block Google sponsored ads directly on Safari.

Fake Crypto Exchange Ads on Facebook Spread Malware

Bitdefender exposes Facebook ad scams using fake crypto sites and celebrity lures to spread malware via malicious desktop…

Passwords in the age of AI: We need to find alternatives

The age of AI guessing our passwords is upon us, and we need to change the ways we authenticate and use passwords where we have no alternatives.

Fake AI Tools Push New Noodlophile Stealer Through Facebook Ads

Scammers are using fake AI tools and Facebook ads to spread Noodlophile Stealer malware, targeting users with a…

Spam campaign targeting Brazil abuses Remote Monitoring and Management tools

A new spam campaign is targeting Brazilian users with a clever twist — abusing the free trial period of trusted remote monitoring tools and the country’s electronic invoice system to spread malicious agents.