#git

The malware authors associated with a Phishing-as-a-Service (PhaaS) kit known as Sneaky 2FA have incorporated Browser-in-the-Browser (BitB) functionality into their arsenal, underscoring the continued evolution of such offerings and further making it easier for less-skilled threat actors to mount attacks at scale. Push Security, in a report shared with The Hacker News, said it observed the use

### Summary The `ExceededSizeError` exception messages are embedded with non-decoded JWT token parts and may cause Python logging to record an arbitrarily large, forged JWT payload. ### Details In situations where a misconfigured — or entirely absent — production-grade web server sits in front of a Python web application, an attacker may be able to send arbitrarily large bearer tokens in the HTTP request headers. When this occurs, Python logging or diagnostic tools (e.g., Sentry) may end up processing extremely large log messages containing the full JWT header during the `joserfc.jwt.decode()` operation. The same behavior also appears when validating claims and signature payload sizes, as the library raises `joserfc.errors.ExceededSizeError()` with the full payload embedded in the exception message. Since the payload is already fully loaded into memory at this stage, the library cannot prevent or reject it per se. It is therefore the responsibility of the underlying web server (`uvic...

## Summary A **Weak Password Policy** vulnerability was identified in the user management functionality of the _LibreNMS_ application. This vulnerability allows administrators to create accounts with extremely weak and predictable passwords, such as `12345678`. This exposes the platform to brute-force and credential stuffing attacks. --- ## Details **Vulnerable Component:** User creation / password definition The application fails to enforce a strong password policy when creating new users. As a result, administrators can define trivial and well-known weak passwords, compromising the authentication security of the system. --- ## PoC 1. Log in to the application using an **Administrator** account. 2. Navigate to the user management section: 3. Create a new user account using the password `12345678`. <img width="1103" height="852" alt="image" src="https://github.com/user-attachments/assets/a20d4226-9f86-46ee-a4e6-45be91bb6b7b" /> 4. The application accepts th...

## Summary A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the LibreNMS application at the `/maps/nodeimage` endpoint. The `Image Name` parameter is reflected in the HTTP response without proper output encoding or sanitization, allowing an attacker to craft a URL that, when visited by a victim, causes arbitrary JavaScript execution in the victim’s browser. ## Details - **Vulnerable Endpoint:** `GET /maps/nodeimage` - **Parameter:** `Image Name` (reflected in response) - **Vulnerability type:** Reflected Cross-Site Scripting (XSS) — input is reflected in server response and executed in victim browser. - **CWE:** CWE-79 (Improper Neutralization of Input During Web Page Generation — Cross-site Scripting) ## Description The application takes the value of the `Image Name` parameter from a request to `/maps/nodeimage` and includes it in the generated page or response without proper contextual encoding. Because the input is reflected immediately...

### TL;DR This vulnerability affects all Kirby 5 sites that might have potential attackers in the group of authenticated Panel users or that allow external visitors to update page titles or usernames. The attack requires user interaction by another Panel user and *cannot* be automated. ---- ### Introduction Cross-site scripting (XSS) is a type of vulnerability that allows to execute any kind of JavaScript code inside the Panel session of the same or other users. In the Panel, a harmful script can for example trigger requests to Kirby's API with the permissions of the victim. Such vulnerabilities are critical if you might have potential attackers in your group of authenticated Panel users. They can escalate their privileges if they get access to the Panel session of an admin user. Depending on your site, other JavaScript-powered attacks are possible. ### Impact The "Changes" dialog in the Panel displays all content models (pages, files, users) with changed content, i.e. with con...

### Impact Users without admin rights have access to `AdminTools.SpammedPages`. ### Details View rights are not restricted only to admin users for `AdminTools.SpammedPages`. While no data is visible to non admin users, the page is still accessible. ### Workarounds Set the view rights for the `AdminTools` space to be only available for the `XWikiAdminGroup`.

Cloudflare outage causes slow sites, login trouble and dashboard errors as users report problems even after the company says service is restored.

Meta on Tuesday said it has made available a tool called WhatsApp Research Proxy to some of its long-time bug bounty researchers to help improve the program and more effectively research the messaging platform's network protocol. The idea is to make it easier to delve into WhatsApp-specific technologies as the application continues to be a lucrative attack surface for state-sponsored actors and

Cybersecurity researchers have disclosed details of a cyber attack targeting a major U.S.-based real-estate company that involved the use of a nascent command-and-control (C2) and red teaming framework known as Tuoni. "The campaign leveraged the emerging Tuoni C2 framework, a relatively new, command-and-control (C2) tool (with a free license) that delivers stealthy, in-memory payloads,"

Those too-good-to-be-true online deals often come from drop-shipping sellers, and that can leave you holding all the risk.