#git

### Summary A race condition in the repository credentials handler can cause the Argo CD server to panic and crash when concurrent operations are performed on the same repository URL. ### Details The vulnerability is located in numerous repository related handlers in the `util/db/repository_secrets.go` file. For example, in the `secretToRepoCred` function. The issue manifests as a concurrent map access panic: ``` concurrent map read and map write ... goroutine 1104 [running]: github.com/argoproj/argo-cd/v2/util/db.(*secretsRepositoryBackend).secretToRepoCred(0xc000e50ea8?, 0xc000c65540) /go/src/github.com/argoproj/argo-cd/util/db/repository_secrets.go:404 +0x31e ``` The race condition occurs due to: 1. Concurrent repository credential operations (create/update/delete) accessing the same map 2. Kubernetes informer re-syncs happening simultaneously 3. Background watchers updating the same secret data 4. No mutex protection for map access A valid API token with `repositories`...

### Summary A command injection vulnerability exists in the `figma-developer-mcp` MCP Server. The vulnerability is caused by the unsanitized use of input parameters within a call to `child_process.exec`, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process's privileges. The server constructs and executes shell commands using unvalidated user input directly within command-line strings. This introduces the possibility of shell metacharacter injection (`|`, `>`, `&&`, etc.). ### Details The MCP Server exposes tools to perform several figma operations. An MCP Client can be instructed to execute additional actions for example via indirect prompt injection that can lead to command injection by calling vulnerable tools with malicious inputs. Below some example of vulnerable code and different ways to test this vulnerability. ### Vulnerable code The following snippet illustrates the vulnerable code ...

Government and telecommunications organizations across Africa, the Middle East, and Asia have emerged as the target of a previously undocumented China-aligned nation-state actor dubbed Phantom Taurus over the past two-and-a-half years. "Phantom Taurus' main focus areas include ministries of foreign affairs, embassies, geopolitical events, and military operations," Palo Alto Networks Unit 42

Google has launched a new AI-based protection in Drive for desktop that can shut down an attack before it spreads—but its benefits have their limits.

Cybersecurity researchers have disclosed three now-patched security vulnerabilities impacting Google's Gemini artificial intelligence (AI) assistant that, if successfully exploited, could have exposed users to major privacy risks and data theft. "They made Gemini vulnerable to search-injection attacks on its Search Personalization Model; log-to-prompt injection attacks against Gemini Cloud

Microsoft on Tuesday unveiled the expansion of its Sentinel Security Incidents and Event Management solution (SIEM) as a unified agentic platform with the general availability of the Sentinel data lake. In addition, the tech giant said it's also releasing a public preview of Sentinel Graph and Sentinel Model Context Protocol (MCP) server. "With graph-based context, semantic access, and agentic

All versions of the package check-branches are vulnerable to Command Injection. check-branches is a command-line tool that is interacted with locally, or via CI, to confirm no conflicts exist in git branches. However, the library follows these conventions which can be abused: 1. It trusts branch names as they are (plain text) 2. It spawns git commands by concatenating user input Since a branch name is potentially a user input - as users can create branches remotely via pull requests, or simply due to privileged access to a repository - it can effectively be abused to run any command.

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.1 ATTENTION: Low attack complexity Vendor: OpenPLC_V3 Equipment: OpenPLC_V3 Vulnerability: Reliance on Undefined, Unspecified, or Implementation-Defined Behavior 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial of service, making the PLC runtime process crash. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of OpenPLC_V3 are affected: OpenPLC_V3: Versions prior to pull request #292 3.2 VULNERABILITY OVERVIEW 3.2.1 RELIANCE ON UNDEFINED, UNSPECIFIED, OR IMPLEMENTATION-DEFINED BEHAVIOR CWE-758 OpenPLC_V3 has a vulnerability in the enipThread function that occurs due to the lack of a return value. This leads to a crash when the server loop ends and execution hits an illegal ud2 instruction. This issue can be triggered remotely without authentication by starting the same server multiple times or if the server exits unexpectedly. The vulnerability allows an attacker to cause a Denial of Service (...

Investigators linked 1,463 victims to the scams, and said their losses amounted to around $2.8 million.

Microsoft Threat Intelligence detected a new AI-powered phishing campaign using LLMs to hide malicious code inside SVG files disguised as business dashboards.