Security
Headlines
HeadlinesLatestCVEs

Tag

#web

Healthcare security lapses keep piling up

Healthcare security is failing patients time and again. This week DM Clinical Research and Helath Net Federal Services take the spotlight

Malwarebytes
Open in Source
#web#git#auth
The US Is Considering a TP-Link Router Ban—Should You Worry?

Several government departments are investigating TP-Link routers over Chinese cyberattack fears, but the company denies links.

Cybercriminals Can Now Clone Any Brand’s Site in Minutes Using Darcula PhaaS v3

The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform appear to be readying a new version that allows prospective customers and cyber crooks to clone any brand's legitimate website and create a phishing version, further bringing down the technical expertise required to pull off phishing attacks at scale. The latest iteration of the phishing suite "represents a significant

Webinar: Learn How to Identify High-Risk Identity Gaps and Slash Security Debt in 2025

In today’s rapidly evolving digital landscape, weak identity security isn’t just a flaw—it’s a major risk that can expose your business to breaches and costly downtime. Many organizations are overwhelmed by an excess of user identities and aging systems, making them vulnerable to attacks. Without a strategic plan, these security gaps can quickly turn into expensive liabilities. Join us for "

GHSA-pp9m-qf39-hxjc: S3-Proxy allows Reflected Cross-site Scripting (XSS) in template implementation

### Summary A Reflected Cross-site Scripting (XSS) vulnerability enables attackers to create malicious URLs that, when visited, inject scripts into the web application. This can lead to session hijacking or phishing attacks on a trusted domain, posing a moderate risk to all users. ### Details _Give all details on the vulnerability. Pointing to the incriminated source code is very helpful for the maintainer._ It's possible to inject html elements, including scripts through the [folder-list template](https://github.com/oxyno-zeta/s3-proxy/blob/master/templates/folder-list.tpl#L19C21-L19C38). It seems like the `.Request.URL.Path` variable is not escaped. I did some research and found it might be due to the `text/template` import being used in [the template implementation](https://github.com/oxyno-zeta/s3-proxy/blob/master/pkg/s3-proxy/utils/templateutils/template.go#L8), instead of the [safer](https://pkg.go.dev/html/template) `html/template`. ### PoC _Complete instructions, including ...

GHSA-82vg-5v4f-f9wq: Namada-apps can Crash with Excessive Computation in Mempool Validation

### Impact A malicious transaction may cause a crash in mempool validation. A transaction with authorization section containing 256 public keys or more with valid matching signatures triggers an integer overflow in signature verification that causes a the node to panic. ### Patches This issue has been patched in apps version 1.1.0. The mempool validation has been fixed to avoid overflow. ### Workarounds There are no workarounds and users are advised to upgrade.

SecTopRAT bundled in Chrome installer distributed via Google Ads

Beware before downloading Google Chrome from a Google search, you might get more than you expected.

The National Institute of Standards and Technology Braces for Mass Firings

Approximately 500 NIST staffers, including at least three lab directors, are expected to lose their jobs at the standards agency as part of the ongoing DOGE purge, sources tell WIRED.

GHSA-j3mm-wmfm-mwvh: Cross-site scripting (XSS) in the CKEditor 5 real-time collaboration package

### Impact During a recent internal audit, we identified a Cross-Site Scripting (XSS) vulnerability in the CKEditor 5 real-time collaboration package. This vulnerability can lead to unauthorized JavaScript code execution and affects user markers, which represent users' positions within the document. This vulnerability affects only installations with [Real-time collaborative editing](https://ckeditor.com/docs/ckeditor5/latest/features/collaboration/real-time-collaboration/real-time-collaboration.html) enabled. ### Patches The problem has been recognized and patched. The fix will be available in version 44.2.1 (and above). ### For more information Email us at [[email protected]](mailto:[email protected]) if you have any questions or comments about this advisory.

GHSA-rr6p-3pfg-562j: XWiki Platform allows remote code execution as guest via SolrSearchMacros request

### Impact Any guest can perform arbitrary remote code execution through a request to `SolrSearch`. This impacts the confidentiality, integrity and availability of the whole XWiki installation. To reproduce on an instance, without being logged in, go to `<host>/xwiki/bin/get/Main/SolrSearch?media=rss&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28"Hello%20from"%20%2B%20"%20search%20text%3A"%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20`. If there is an output, and the title of the RSS feed contains `Hello from search text:42`, then the instance is vulnerable. ### Patches This vulnerability has been patched in XWiki 15.10.11, 16.4.1 and 16.5.0RC1. ### Workarounds [This line](https://github.com/xwiki/xwiki-platform/blob/568447cad5172d97d6bbcfda9f6183689c2cf086/xwiki-platform-core/xwiki-platform-search/xwiki-platform-search-solr/xwiki-platform-search-solr-ui/src/main/resources/Main/SolrSearchMacros.xml#L955) in `Main.SolrSearchMa...