#auth

Heap-based buffer overflow in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Multiple npm packages have been compromised as part of a software supply chain attack after a maintainer's account was compromised in a phishing attack. The attack targeted Josh Junon (aka Qix), who received an email message that mimicked npm ("support@npmjs[.]help"), urging them to update their update their two-factor authentication (2FA) credentials before September 10, 2025, by clicking on

Geedge Networks, a company with ties to the founder of China’s mass censorship infrastructure, is selling its censorship and surveillance systems to at least four other countries in Asia and Africa.

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved in maintaining the projects was phished. The attack appears to have been quickly contained and was narrowly focused on stealing cryptocurrency. But experts warn that a similar attack with a slightly more nefarious payload could quickly lead to a disruptive malware outbreak that is far more difficult to detect and restrain.

# Summary pREST provides a simple way for users to expose access their database via a REST-full API. The project is implemented using the Go programming language and is designed to expose access to Postgres database tables. During an independent review of the project, Doyensec engineers found that SQL injection is a systemic problem in the current implementation (version `v2.0.0-rc2`). Even though there are several instances of attempts to sanitize user input and mitigate injection attempts, we have found that on most code-paths, the protection is faulty or non-existent. ## Core Endpoints The main functionality providing REST operations on the data stored in the Postgres database is exposed via the following endpoints: - `GET /{database}/{schema}/{table}` - `POST /{database}/{schema}/{table}` - `PUT|PATCH /{database}/{schema}/{table}` - `DELETE /{database}/{schema}/{table}` Handlers for the above endpoints execute very similar logic. At a high-level they: 1. Perform authenticati...

An XSS issue was reported in the MCP Inspector local development tool when connecting to an untrusted remote MCP server with a malicious redirect URI. This could be leveraged to interact directly with the inspector proxy to trigger arbitrary command execution. Users are advised to update to 0.16.6 to resolve this issue. Thank you to the following researchers for their reports and contributions: * Raymond (Veria Labs) * Gavin Zhong, [superboyzjc@gmail.com](mailto:superboyzjc@gmail.com) & Shuyang Wang, [swang@obsidiansecurity.com](mailto:swang@obsidiansecurity.com).

### Impact The blog application in XWiki allowed remote code execution for any user who has edit right on any page. Normally, these are all logged-in users as they can edit their own user profile. To exploit, it is sufficient to add an object of type `Blog.BlogPostClass` to any page and to add some script macro with the exploit code to the "Content" field of that object. ### Patches The vulnerability has been patched in the blog application version 9.14 by executing the content of blog posts with the rights of the appropriate author. ### Workarounds We're not aware of any workarounds. ### Resources * https://jira.xwiki.org/browse/BLOG-191 * https://github.com/xwiki-contrib/application-blog/commit/b98ab6f17da3029576f42d12b4442cd555c7e0b4