#git

### Overview In applications built with the Auth0-PHP SDK, the Bulk User Import endpoint does not validate the file path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths or URLs. ### Am I affected? You are affected by this vulnerability if you meet the following preconditions: 1. Applications using the Auth0 Wordpress plugin with version between 5.0.0-BETA0 and 5.3.0, 2. Auth0 Wordpress plugin uses the Auth0-PHP SDK with versions between 3.3.0 and 8.16.0. ### Fix Upgrade Auth0 Wordpress plugin to version 5.4.0 or greater. ### Acknowledgement Okta would like to thank Mohamed Amine Saidani (pwni) for discovering this vulnerability.

### Overview In applications built with the Auth0-PHP SDK, the Bulk User Import endpoint does not validate the file path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths or URLs. ### Am I affected? You are affected by this vulnerability if you meet the following preconditions: 1. Applications using the Auth0 laravel-auth0 SDK with version between 4.0.0 and 7.18.0, 2. Auth0 laravel-auth0 SDK uses the Auth0-PHP SDK with versions between 3.3.0 and 8.16.0. ### Fix Upgrade Auth0 laravel-auth0 SDK to version 7.19.0 or greater. ### Acknowledgement Okta would like to thank Mohamed Amine Saidani (pwni) for discovering this vulnerability.

### Overview In applications built with the Auth0-PHP SDK, the Bulk User Import endpoint does not validate the file path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths or URLs. ### Am I affected? You are affected by this vulnerability if you meet the following preconditions: 1. Applications using the Auth0-PHP SDK, versions between v3.3.0 and v8.16.0, or 2. Applications using the following SDKs that rely on the Auth0-PHP SDK versions between v3.3.0 and v8.16.0: a. Auth0/symfony, b. Auth0/laravel-auth0, c. Auth0/wordpress. ### Fix Upgrade Auth0/Auth0-PHP to version 8.17.0 or greater. ### Acknowledgement Okta would like to thank Mohamed Amine Saidani (pwni) for discovering this vulnerability.

### Summary The `/mpl/<port>/<route>` endpoint, which is accessible without authentication on default Marimo installations allows for external attackers to reach internal services and arbitrary ports. ### Details This route is used internally to provide access to interactive matplotlib visualizations. [marimo/marimo/_server/main.py at main · marimo-team/marimo](https://github.com/marimo-team/marimo/blob/main/marimo/_server/main.py) This endpoint functions as an unauthenticated proxy, allowing an attacker to connect to any service running on the local machine via the specified `<port>` and `<route>`. The existence of this proxy is visible in the application's code (marimo/_server/main.py), but there's no official documentation or warning about its behavior or potential risks. ### Impact CWE-441: Proxying Without Authentication This vulnerability, as it can be used to bypass firewalls and access internal services that are intended to be local-only. The level of impact depends ent...

# Arbitrary code execution in guest via memory safety failure in `sys_read` In affected versions of `risc0-zkvm-platform`, when the zkVM guest calls `sys_read`, the host is able to use a crafted response to write to an arbitrary memory location in the guest. This capability can be leveraged to execute arbitrary code within the guest. As `sys_read` is the mechanism by which input is requested by the guest, all guest programs built with the affected versions are vulnerable. This critically compromises the soundness guarantees of the guest program. A fix was applied in [\#3351](https://github.com/risc0/risc0/pull/3351). The vulnerable pointer arithmetic was removed, and replaced with a simplified implementation in the `v1compat` kernel which uses Rust’s slice functions to guarantee memory safety. The fix has been released as part of `risc0-zkvm` versions `2.3.2` and `3.0.3`. All prior versions are affected. ## Remediation All developers of zkVM applications should update their guests...

WestJet confirms a data breach starting June 13, 2025, stole passport/ID and personal data. Credit cards and passwords are safe. The airline offers 24 months of free identity monitoring, including $1M insurance.

In yet another piece of research, academics from Georgia Institute of Technology and Purdue University have demonstrated that the security guarantees offered by Intel's Software Guard eXtensions (SGX) can be bypassed on DDR4 systems to passively decrypt sensitive data. SGX is designed as a hardware feature in Intel server processors that allows applications to be run in a Trusted Execution

Cybersecurity researchers at Varonis have discovered two new plug-and-play cybercrime toolkits, MatrixPDF and SpamGPT. Learn how these AI-powered tools make mass phishing and PDF malware accessible to anyone, redefining online security risks.

### Impact When visiting a specific URL, an anonymous user could cause the NodeJS server part of Volto to quit with an error. ### Patches The problem has been patched and the patch has been backported to Volto major versions down until 16. It is advised to upgrade to the latest patch release of your respective current major version: - Volto 16: [16.34.1](https://github.com/plone/volto/releases/tag/16.34.1) - Volto 17: [17.22.2](https://github.com/plone/volto/releases/tag/17.22.2) - Volto 18: [18.27.2](https://github.com/plone/volto/releases/tag/18.27.2) - Volto 19: [19.0.0-alpha6](https://github.com/plone/volto/releases/tag/19.0.0-alpha.6) ### Workarounds Make sure your setup automatically restarts processes that quit with an error. This won't prevent a crash, but it minimises downtime. ### Report The problem was discovered by FHNW, a client of Plone provider kitconcept, who shared it with the Plone Zope Security Team (security@plone.org).

Zhimin Qian, the 'Bitcoin Queen,' pleads guilty in the UK after police seized over £5 billion in stolen crypto, the world's largest crypto seizure. Details on the Ponzi scam and fight for the funds.