Latest News

For years, my career in cybersecurity was defined by a sense of urgency and criticality. As a leader of incident response teams, I lived on the front lines, constantly reacting to the latest software vulnerabilities, cyberattacks, and anomalies. My days were a blur of alerts, patch deployments, and the relentless pressure to mitigate risk and restore operations. It was a challenging, high-stakes environment where every vulnerability felt like a direct threat.Now, I've traded the immediate firefight for a more proactive battlefield as a manager within Red Hat Product Security. This has given me

NOTE: This blog has been updated to announce support for additional supported third-party model providers for the Red Hat Ansible Lightspeed intelligent assistant. Additional testing and validation of new model providers is ongoing. For the most recent list of supported model providers, please refer to Red Hat's official documentation. Earlier this year, we released the Red Hat Ansible Lightspeed intelligent assistant, a generative AI service which delivers an intuitive chat assistant embedded within Ansible Automation Platform. The Ansible Lightspeed intelligent assistant is like having an An

The initial access broker has been weaponizing endpoint detection and response (EDR) platforms and Windows utilities in recent high-precision attacks.

### Description An input-validation flaw in the returnTo parameter in the Auth0 Next.js SDK could allow attackers to inject unintended OAuth query parameters into the Auth0 authorization request. Successful exploitation may result in tokens being issued with unintended parameters ### Am I Affected? You are affected if you meet the following preconditions: - Applications using the auth0/nextjs-auth0 SDK version prior to 4.13.0 ### Affected product and versions Auth0/nextjs-auth0 versions >= 4.9.0 and < 4.13.0 ### Resolution Upgrade Auth0/nextjs-auth0 version to v4.13.0 ### Acknowledgements Okta would like to thank Joshua Rogers (MegaManSec) for their discovery and responsible disclosure.

### Description In the Okta Java SDK, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. ### Affected product and versions You may be affected if you meet the following preconditions: - Using the Okta Java SDK between versions 11.0.0 and 20.0.0, and - Implementing a multithreaded application with the ApiClient class where the response status code is used in access control flows ### Resolution Upgrade Okta/okta-sdk-java to versions 21.0.0 or greater.

1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery (CSRF) vulnerability in the web port configuration functionality. The port-change endpoint lacks CSRF defenses such as anti-CSRF tokens or Origin/Referer validation. An attacker can craft a malicious webpage that submits a port-change request; when a victim visits it while authenticated, the browser includes valid session cookies and the request succeeds. This allows an attacker to change the port on which the 1Panel web service listens, causing loss of access on the original port and resulting in service disruption or denial of service, and may unintentionally expose the service on an attacker-chosen port.

1Panel versions 1.10.33 through 2.0.15 contain a cross-site request forgery (CSRF) vulnerability in the panel name management functionality. The affected endpoint does not implement CSRF defenses such as anti-CSRF tokens or Origin/Referer validation. An attacker can craft a malicious webpage that submits a panel-name change request; if a victim visits the page while authenticated, the browser includes valid session cookies and the request succeeds. This allows a remote attacker to change the victim’s panel name to an arbitrary value without consent.

### Description When using affected versions of the Next.js SDK, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. ### Am I Affected? You are affected if you meet the following preconditions: - Applications using the auth0/nextjs-auth0 SDK with a singleton client instance, versions 4.11.0, 4.11.1, and 4.12.0. ### Affected product and versions Auth0/nextjs-auth0 v4.11.0, v4.11.1, and v4.12.0. ### Resolution Upgrade Auth0/nextjs-auth0 version to v4.11.2 or v4.12.1 ### Acknowledgements Okta would like to thank Joshua Rogers for their discovery and responsible disclosure.

### Description In the Okta Java SDK, specific multithreaded implementations may encounter memory issues as threads are not properly cleaned up after requests are completed. Over time, this can degrade performance and availability in long-running applications and may result in a denial-of-service condition under sustained load. ### Affected product and versions You may be affected by this vulnerability if you meet the following preconditions: - Using the Okta Java SDK between versions 21.0.0 and 24.0.0, and - Implementing a long-running application using the ApiClient in a multi-threaded manner. ### Resolution Upgrade Okta/okta-sdk-java to versions 24.0.1 or greater. ### Acknowledgement Okta would like to thank Andrew Pikler (pyckle) for their discovery and responsible disclosure.

A new twist on the social engineering tactic is making waves, combining SEO poisoning and legitimate AI domains to install malware on victims' computers.