#vulnerability

Researchers testing generative AI systems can use prompt injection, re-register after being banned, and bypass rate limits without running afoul of copyright law.

A single barrier prevented attackers from exploiting a critical vulnerability in an enterprise collaboration platform. Now there's a workaround.

In PyO3 0.23.0 the `PYO3_CONFIG_FILE` environment variable used to configure builds regressed such that changing the environment variable would no longer trigger PyO3 to reconfigure and recompile. In combination with workflows using tools such as `maturin` to build for multiple versions in a single build, this leads to Python wheels being compiled against the wrong Python API version. All users who distribute artefacts for multiple Python versions are encouraged to update and rebuild with PyO3 0.23.3. Affected wheels produced from PyO3 0.23.0 through 0.23.2 are highly unstable and will crash the Python interpreter in unpredictable ways.

Ever wonder what an extroverted strategy security nerd does? Wonder no longer! This week, Joe pontificates on his journey at Talos, and then is inspired by the people he gets to meet and help.

During a security audit, [Radically Open Security](https://www.radicallyopensecurity.com/) discovered two vulnerabilities which allow attackers to trigger resource exhaustion vulnerabilities in `rpgp` by providing crafted messages. This affects general message parsing and decryption with symmetric keys. ### Impact Affected `rpgp` versions do not correctly set upper limits on the total reserved amount of memory when parsing long sequences of partial OpenPGP packets, which can grow to to several GiB in size. Additionally, up to 4GiB of memory is reserved for OpenPGP packets of fixed size with large length fields, even if less data is received. Depending on existing message size restrictions and available system resources, this can cause out-of-memory conditions and crash the `rpgp` process or cause other system instability through memory resource exhaustion when parsing crafted messages. Affected `rpgp` versions are susceptible to excessive memory allocation with values of up to 2TiB ...

During a security audit, [Radically Open Security](https://www.radicallyopensecurity.com/) discovered several reachable edge cases which allow an attacker to trigger `rpgp` crashes by providing crafted data. ### Impact When processing malformed input, `rpgp` can run into Rust panics which halt the program. This can happen in the following scenarios: * Parsing OpenPGP messages from binary or armor format * Decrypting OpenPGP messages via `decrypt_with_password()` * Parsing or converting public keys * Parsing signed cleartext messages from armor format * Using malformed private keys to sign or encrypt Given the affected components, we consider most attack vectors to be reachable by remote attackers during typical use cases of the `rpgp` library. The attack complexity is low since the malformed messages are generic, short, and require no victim-specific knowledge. The result is a denial-of-service impact via program termination. There is no impact to confidentiality or integrity secur...

The emerging threat actor, potentially a Chinese state-sponsored APT, is using the known exploit kit Moonshine in cross-platform attacks that deliver a previously undisclosed backdoor called "DarkNimbus" to ethnic minorities, including Tibetans.

The Comment module allows users to reply to comments. In certain cases, an attacker could make comment reply requests that would trigger a denial of service (DOS). Sites that do not use the Comment module are not affected.

By understanding the unique challenges of protecting IoT and OT devices, organizations can safeguard these critical assets against evolving cyber threats.

Cybersecurity researchers have released a proof-of-concept (PoC) exploit that strings together a now-patched critical security flaw impacting Mitel MiCollab with an arbitrary file read zero-day, granting an attacker the ability to access files from susceptible instances. The critical vulnerability in question is CVE-2024-41713 (CVSS score: 9.8), which relates to a case of insufficient input