Latest News

The breach kickstarted a massive supply chain attack that led to the compromise of hundreds of Salesforce instances through stolen OAuth tokens.

### Summary Admin UI user password changes in Fides do not invalidate active user sessions, creating a vulnerability chaining opportunity where attackers who have obtained session tokens through other attack vectors (such as XSS) can maintain access even after password reset. This issue is not directly exploitable on its own and requires a prerequisite vulnerability to obtain valid session tokens in the first place. ### Details Fides uses encrypted authentication tokens with extended expiration periods. When a password is changed via password reset endpoints, the system updates the password hash in the database but does not invalidate existing client sessions or tokens. The authentication system validates tokens based on their cryptographic integrity and expiration time, not against the current password state. The frontend application stores authentication state in browser local storage, which persists across browser sessions until explicit logout or natural token expiration. This...

# Command Injection in MCP Server The MCP Server at https://github.com/akoskm/create-mcp-server-stdio is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. ## Vulnerable tool The MCP Server exposes the tool `which-app-on-port` which relies on Node.js child process API `exec` which is an unsafe and vulnerable API if concatenated with untrusted user input. Vulnerable line of code: https://github.com/akoskm/create-mcp-server-stdio/blob/main/src/index.ts#L24-L40 ```js server.tool("which-app-on-port", { port: z.number() }, async ({ port }) => { const result = await new Promise<ProcessInfo>((resolve, reject) => { exec(`lsof -t -i tcp:${port}`, (error, pidStdout) => { if (error) { reject(error); return; } const pid = pidStdout.trim(); exec(`ps -p ${pid} -o comm=`, (error, stdout) => { if (error) { reject(error); return...

CodeceptJS 3.7.3 contains a command injection vulnerability in the emptyFolder function (lib/utils.js). The execSync command directly concatenates the user-controlled directoryPath parameter without sanitization or escaping, allowing attackers to execute arbitrary commands.

An arbitrary file upload vulnerability in the Chat Trigger component of N8N v1.95.3, v1.100.1, and v1.101.1 allows attackers to execute arbitrary code via uploading a crafted HTML file.

An issue was discovered in Django 4.2 before 4.2.24, 5.1 before 5.1.12, and 5.2 before 5.2.6. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed QuerySet.annotate() or QuerySet.alias().

Aikido Security flagged the largest npm attack ever recorded, with 18 packages like chalk, debug, and ansi-styles hacked…

This week on the Lock and Code podcast, we speak with Emily Galvin-Almanza about predictive policing and whether it actually improves safety.

Hackers exploit a Sitecore zero-day (CVE-2025-53690) to deploy WEEPSTEEL Malware via ViewState attacks, enabling Remote Code Execution (RCE).

Salesloft has revealed that the data breach linked to its Drift application started with the compromise of its GitHub account. Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed the Salesloft GitHub account from March through June 2025. So far, 22 companies have confirmed they were impacted by a supply chain breach. "With