Security
Headlines
HeadlinesLatestCVEs

Tag

#git

Fake ChatGPT Desktop App Delivering PipeMagic Backdoor, Microsoft

Microsoft warns that a fake ChatGPT desktop app was used to deliver PipeMagic malware, linked to ransomware attacks…

HackRead
Open in Source
#vulnerability#web#windows#microsoft#git#backdoor#zero_day
Fake Copyright Notices Drop New Noodlophile Stealer Variant

Morphisec warns of a new Noodlophile Stealer variant spread via fake copyright phishing emails, using Dropbox links and…

Scammers Compromised by Own Malware, Expose $4.67M Operation

CloudSEK uncovered a Pakistan-based family cybercrime network that spread infostealers via pirated software, netting $4.67M and millions of…

GHSA-3x3q-ghcp-whf7: Template Secret leakage in logs in Scaffolder when using `fetch:template`

### Impact Duplicate logging of the input values in the `fetch:template` action in the Scaffolder meant that some of the secrets were not properly redacted. If you're not passing through `${{ secrets.x }}` to `fetch:template` there is no impact. ### Patches This issue has been resolved in `2.1.1` of the `scaffolder-backend` plugin. ### Workarounds Template Authors can remove the use of `${{ secrets }}` being used as an argument to `fetch:template`. ### References If you have any questions or comments about this advisory: Open an issue in the [Backstage repository](https://github.com/backstage/backstage) Visit our Discord, linked to in [Backstage README](https://github.com/backstage/backstage)

Mobile Phishers Target Brokerage Accounts in ‘Ramp and Dump’ Cashout Scheme

Cybercriminal groups peddling sophisticated phishing kits that convert stolen card data into mobile wallets have recently shifted their focus to targeting customers of brokerage services, new research shows. Undeterred by security controls at these trading platforms that block users from wiring funds directly out of accounts, the phishers have pivoted to using multiple compromised brokerage accounts in unison to manipulate the prices of foreign stocks.

Italian hotels breached for tens of thousands of scanned IDs

A cybercriminal was found selling scanned IDs that were stolen from guests at Italian hotels on underground forums, warned CERT-AGID.

GHSA-9x9c-ghc5-jhw9: @astrojs/node's trailing slash handling causes open redirect issue

### Summary Following https://github.com/withastro/astro/security/advisories/GHSA-cq8c-xv66-36gw, there's still an Open Redirect vulnerability in a subset of Astro deployment scenarios. ### Details Astro 5.12.8 fixed a case where `https://example.com//astro.build/press` would redirect to the external origin `//astro.build/press`. However, with the Node deployment adapter in standalone mode and `trailingSlash` set to `"always"` in the Astro configuration, `https://example.com//astro.build/press` still redirects to `//astro.build/press`. ### Proof of Concept 1. Create a new minimal Astro project (`astro@5.12.8`) 2. Configure it to use the Node adapter (`@astrojs/node@9.4.0`) and force trailing slashes: ```js // astro.config.mjs import { defineConfig } from 'astro/config'; import node from '@astrojs/node'; export default defineConfig({ trailingSlash: 'always', adapter: node({ mode: 'standalone' }), }); ``` 3. Build the site by running `astro build`....

National Public Data returns after massive Social Security Number leak

National Public Data has changed ownership. Does this mean your personal information has changed hands too?

Police Bust Crypto Scammers, Nab Smishing SMS Blaster Operator

Thai police arrest SMS Blaster operator in smishing scam and bust crypto laundering gang moving $30M monthly through…

UAT-7237 targets Taiwanese web hosting infrastructure

Cisco Talos discovered UAT-7237, a Chinese-speaking advanced persistent threat (APT) group active since at least 2022, which has significant overlaps with UAT-5918.