Security
Headlines
HeadlinesLatestCVEs

Latest News

GHSA-c2f5-jxjv-2hh8: Wasmtime doesn't fully sandbox all the Windows device filenames

### Impact Wasmtime's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so on, however it did not block access to the special device filenames which use superscript digits, such as "COM¹", "COM²", "LPT⁰", "LPT¹", and so on. Untrusted Wasm programs that are given access to any filesystem directory could bypass the sandbox and access devices through those special device filenames with superscript digits, and through them gain access peripheral devices connected to the computer, or network resources mapped to those devices. This can include modems, printers, network printers, and any other device connected to a serial or parallel port, including emulated USB serial ports. ### Patches Patch releases for Wasmtime have been issued as 24.0.2, 25.0.3, and 26.0.1. Users of Wasmtime 23.0.x and prior are recommended to upgrade to one of these patched versions. ### Workarounds There are no known workarounds for t...

ghsa
#windows#microsoft#git
Attacker Hides Malicious Activity in Emulated Linux Environment

The CRON#TRAP campaign involves a novel technique for executing malicious commands on a compromised system.

Russia Is Going All Out on Election Day Interference

Along with other foreign influence operations—including from Iran—Kremlin-backed campaigns to stoke division and fear have gone into overdrive.

Android Botnet 'ToxicPanda' Bashes Banks Across Europe, Latin America

Chinese-speaking adversaries are using a fresh Android banking Trojan to take over devices and initiate fraudulent money transfers from financial institutions across Latin America, Italy, Portugal, and Spain.

Schneider Electric Clawed by 'Hellcat' Ransomware Gang

The cybercriminal group holding the stolen information is demanding the vendor admit to the breach and pay up.

Man Arrested for Snowflake Hacking Spree Faces US Extradition

Alexander “Connor” Moucka was arrested this week by Canadian authorities for allegedly carrying out a series of hacks that targeted Snowflake’s cloud customers. His next stop may be a US jail.

GHSA-4cf2-cxp3-rjr7: HAPI FHIR XML External Entity (XXE) vulnerability

An XML External Entity (XXE) vulnerability in HAPI FHIR before v6.4.0 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted request containing malicious XML entities.

GHSA-v2qh-f584-6hj8: @workos-inc/authkit-remix refresh tokens are logged when the debug flag is enabled

### Impact Refresh tokens are logged to the console when the disabled by default `debug` flag, is enabled. ### Patches Patched in [https://github.com/workos/authkit-remix/releases/tag/v0.4.1](https://github.com/workos/authkit-remix/releases/tag/v0.4.1)

GHSA-5wmg-9cvh-qw25: @workos-inc/authkit-nextjs refresh tokens are logged when the debug flag is enabled

### Impact Refresh tokens are logged to the console when the disabled by default `debug` flag, is enabled. ### Patches Patched in [https://github.com/workos/authkit-nextjs/releases/tag/v0.13.2](https://github.com/workos/authkit-nextjs/releases/tag/v0.13.2)

FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions

The U.S. Federal Bureau of Investigation (FBI) has sought assistance from the public in connection with an investigation involving the breach of edge devices and computer networks belonging to companies and government entities. "An Advanced Persistent Threat group allegedly created and deployed malware (CVE-2020-12271) as part of a widespread series of indiscriminate computer intrusions designed