Latest News

Google AI systems (Gemini Enterprise) had a critical 'GeminiJack' security flaw allowing attackers to steal Gmail, Docs, and Calendar data with no clicks.

## Summary An Open Redirect vulnerability exists in Taguette that allows attackers to craft malicious URLs that redirect users to arbitrary external websites after authentication. This can be exploited for phishing attacks where victims believe they are interacting with a trusted Taguette instance but are redirected to a malicious site designed to steal credentials or deliver malware. **Severity:** Medium to High --- ## Details The application accepts a user-controlled `next` parameter and uses it directly in HTTP redirects without any validation. The vulnerable code is located in two places: ### Location 1: Login Handler (`taguette/web/views.py`, lines 140-144) ```python def _go_to_next(self): next_ = self.get_argument('next', '') if not next_: next_ = self.reverse_url('index') return self.redirect(next_) # ← No validation of next_ parameter ``` This method is called after successful login (line 132) and when an already-logged-in user visits the login pa...

### Summary A directory traversal vulnerability in NiceGUI's `App.add_media_files()` allows a remote attacker to read arbitrary files on the server filesystem. ### Details Hello, I am Seungbin Yang, a university student studying cybersecurity. While reviewing the source code of the repository, I discovered a potential vulnerability and successfully verified it with a PoC. The `App.add_media_files(url_path, local_directory)` method allows users to serve media files. However, the implementation lacks proper path validation. ```python def add_media_files(self, url_path: str, local_directory: Union[str, Path]) -> None: @self.get(url_path.rstrip('/') + '/{filename:path}') def read_item(request: Request, filename: str, nicegui_chunk_size: int = 8192) -> Response: filepath = Path(local_directory) / filename if not filepath.is_file(): raise HTTPException(status_code=404, detail='Not Found') return get_range_response(filepath, request, chunk_siz...

### Summary A state consistency bug in `x/costaking` can leave a BTC delegator with non-zero `ActiveSatoshis` (Phatom Stake) even after they have fully unbonded their BTC delegation, if their Finality Provider (FP) drops out of the active set in the exact same babylon block height. This creates a “phantom stake”: the delegator’s BTC capital is withdrawn, the FP is inactive, but costaking continues to treat the delegation as active BTC stake allowing ongoing rewards accrual without backing BTC. ### Impact An address can keep earning costaking rewards with zero BTC staked. Reported by @BottyBott.

The threat actor known as Storm-0249 is likely shifting from its role as an initial access broker to adopt a combination of more advanced tactics like domain spoofing, DLL side-loading, and fileless PowerShell execution to facilitate ransomware attacks. "These methods allow them to bypass defenses, infiltrate networks, maintain persistence, and operate undetected, raising serious concerns for

The NCSC warns that prompt injection is unlikely to be mitigated in the same way SQL injection was. How do they compare?

SimpleX Chat’s X account hacked to promote fake crypto site urging users to connect wallets. Site mimicked official design to steal funds.

The core problem persists: anyone can still buy a 'verified' checkmark from X, so don't take their authenticity for granted.

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: D-Link (India Limited), Sparsh Securitech, Securus CCTV Equipment: DCS-F5614-L1 Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could result in information disclosure including capture of camera account credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following D-Link CCTV camera model is confirmed to be affected; specific affected models for Sparsh Securitech and Securus CCTV are unavailable: DCS-F5614-L1: Versions v1.03.038 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306 A malicious actor can access camera configuration information, including account credentials, without authenticating when accessing a vulnerable URL. CVE-2025-13607 has been assigned to this vulnerability. A CVSS v3 base score of 9.4 has been calculated; the CVSS vector string is ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Low attack complexity Vendor: U-Boot Equipment: U-Boot Vulnerability: Improper Access Control for Volatile Memory Containing Boot Code 2. RISK EVALUATION Successful exploitation of this vulnerability could result in arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of U-boot is affected: U-boot: All versions prior to 2017.11 The following specific chips have been confirmed to be affected: Qualcomm IPQ4019 Qualcomm IPQ5018 Qualcomm IPQ5322 Qualcomm IPQ6018 Qualcomm IPQ8064 Qualcomm IPQ8074 Qualcomm IPQ9574 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER ACCESS CONTROL FOR VOLATILE MEMORY CONTAINING BOOT CODE CWE-1274 The affected products are vulnerable to a bootloader vulnerability, which could allow an attacker to execute arbitrary code. CVE-2025-24857 has been assigned to this vulnerability. A CVSS v3 base score of 8.4 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:...