RT @adnanthekhan: You know what else is interesting about Kong? @pwntester reported an Actions injection (which is probably still viable) t….

RT @GHSecurityLab: 🎉 You can now enable code scanning in your GitHub Actions workflow files!. ✅ By opting-in to this feature, you can enhan….

RT @BlazingWindSec: 🚀 CodeQL zero to hero part 4: Gradio case study is out! This time we dive into how I wrote CodeQL to support the Gradio….

Solid advice usually. Not convinced it'll work on a smart meter though.

RT @pwntester: This is one of the real world vulnerabilities found by the new CodeQL packs. Can you exploit it to get the flag? Bring us yo….

RT @pwntester: Next week I'll be at @ekoparty talking about vulnerabilities in GitHub Actions and how I extended CodeQL to find them at sca….

The contrast between two CUPS vulns is amazing. This one, CVE-2024-35235, seems to have flown completely under the radar - in total contrast to CVE-2024-47176. It was an LPE with an exploit chain that sounds very reliable. I only heard about it for the first time today.

RT @GHSecurityLab: Want to learn how to secure your browser extensions? Read our latest blog post where we talk about the security model of….

RT @UK_Daniel_Card: Morning world! Slept ‘ok’ (not great not terrible). So yesterday I was doing some mitm6 over public WiFi (in the lab) a….

RT @ekoparty: Charlas MainTrack #EKO2024 🔥. 📌 @artsploit, Security Researcher at GitHub Security Lab. 💡 “Breaking corporate Maven repositor….

RT @xnyhps: We had a short look at the buffer overflow found by fuzzing `process_browse_data` to determine its exploitability. Conclusion:….

RT @BillDemirkapi: > critical 9.9 cvss "unauthenticated" rce on linux!!!!.> look inside.> requires local network access, user interaction,….

The poc crashes for me though, so I didn't actually get to see /tmp/I_AM_VULNERABLE getting created.

Based on this poc, you have to click several times to get pwned.

Considering the amount of hype, it's a bit weak to only have a poc that requires the user to try to print to a new device that just magically appeared on their network.

I think it's kind of an amusing bug, because an unprivileged user can put sshd (root) into an effectively infinite loop.

Looking through some old issues and found that this poc from 2020 still works today. It wasn't considered a security issue, which is why the bug report is public.

This series is fun. I was buying cable recently and literally couldn't find any information about the technical differences between CAT5e, CAT6a, etc. I ended up buying F/FTP CAT6a and the shielding is so heavy that it doesn't really bend. Looking forward to the CAT8 episode!.

RT @watchtowrcyber: In August, watchTowr Labs hijacked parts of the global .mobi TLD - and went on to discover the mayhem that we could cau….

RT @GHSecurityLab: GHSL-2024-005_GHSL-2024-008: SSRF, XSS, RCE and Sensitive information disclosure in OpenHAB Web UI - CVE-2024-42467, CVE….