Security
Headlines
HeadlinesLatestCVEs

Tag

#git

Red Hat Advanced Cluster Security 4.7 simplifies management, enhances workflows, and generates SBOMs

Today, ensuring the security and integrity of your software supply chain is more critical than ever. Red Hat Advanced Cluster Security for Kubernetes is focused on providing users the tools to tackle the greatest security challenges.One essential tool in this effort is the software bill of materials (SBOM), which provides a comprehensive list of all components and libraries used within a software product. With the growing importance of SBOMs for supply chain security—especially in light of the NIST Executive Order—Red Hat Advanced Cluster Security 4.7 introduces new features for generating

Red Hat Blog
Open in Source
#vulnerability#mac#microsoft#red_hat#git#kubernetes#aws#auth#ssl
AMOS and Lumma stealers actively spread to Reddit users

Reddit users from trading and crypto subreddits are being lured into installing malware disguised as premium cracked software.

GHSA-vqqr-fgmh-f626: Contao Vulnerable to Cross-Site Scripting (XSS) through SVG uploads

### Impact Users can upload SVG files with malicious code, which is then executed in the back end and/or front end. ### Patches Update to Contao 4.13.54, 5.3.30 or 5.5.6. ### Workarounds Remove `svg,svgz` from the allowed upload file types in the system settings and from `contao.editable_files` in the `config.yaml`. ### References https://contao.org/en/security-advisories/cross-site-scripting-through-svg-uploads ### For more information If you have any questions or comments about this advisory, open an issue in [contao/contao](https://github.com/contao/contao/issues/new/choose).

Scammers Sneak 300+ Ad Fraud Apps onto Google Play with 60M Downloads

Google Play Store hit by 300+ fake Android apps, downloaded more than 60 million times pushing ad fraud and data theft. Learn how to spot and remove these threats.

New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors

Cybersecurity researchers have disclosed details of a new supply chain attack vector dubbed Rules File Backdoor that affects artificial intelligence (AI)-powered code editors like GitHub Copilot and Cursor, causing them to inject malicious code. "This technique enables hackers to silently compromise AI-generated code by injecting hidden malicious instructions into seemingly innocent

Analyze Mobile Threats Faster: ANY.RUN Introduces Android OS to Its Interactive Sandbox

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.

Fake DeepSeek AI Installers, Websites, and Apps Spreading Malware

Cybercriminals exploit AI hype with SEO poisoning, tricking users into downloading malware disguised as DeepSeek software, warns McAfee Labs in a new report.

Microsoft Warns of StilachiRAT: A Stealthy RAT Targeting Credentials and Crypto Wallets

Microsoft is calling attention to a novel remote access trojan (RAT) named StilachiRAT that it said employs advanced techniques to sidestep detection and persist within target environments with an ultimate aim to steal sensitive data. The malware contains capabilities to "steal information from the target system, such as credentials stored in the browser, digital wallet information, data stored

GHSA-m4gq-fm9h-8q75: buildx allows a possible credential leakage to telemetry endpoint

### Impact Some cache backends allow configuring their credentials by setting secrets directly as attribute values in `cache-to/cache-from` configuration. If this was done by the user, these secure values could be captured together with OpenTelemetry trace as part of the arguments and flags for the traced CLI command. Passing tokens to Github cache backend via environment variables or using registry authentication is not affected. If you passed a token value like this and use a custom OpenTelemetry collector for computing traces you should make sure that your traces are kept secure. OpenTelemetry traces are also saved in BuildKit daemon's history records. ### Patches Issue has been fixed in Buildx v0.21.3 or newer. ### Workarounds Avoid passing cache backend credentials with CLI arguments. Make sure access to traces and BuildKit history records is kept secure.

GHSA-pqq3-q84h-pj6x: Sylius PayPal Plugin Payment Amount Manipulation Vulnerability

A vulnerability allows users to manipulate the final payment amount processed by PayPal. If a user modifies the item quantity in their shopping cart after initiating the PayPal Checkout process, PayPal will not receive the updated total amount. As a result, PayPal captures only the initially transmitted amount, while Sylius incorrectly considers the order fully paid based on the modified total. This flaw can be exploited both accidentally and intentionally, potentially enabling fraud by allowing customers to pay less than the actual order value. ### Impact - Attackers can intentionally pay less than the actual total order amount. - Business owners may suffer financial losses due to underpaid orders. - Integrity of payment processing is compromised. ### Patches The issue is fixed in versions: 1.6.1, 1.7.1, 2.0.1 and above. ### Workarounds To resolve the problem in the end application without updating to the newest patches, there is a need to overwrite `ProcessPayPalOrderAction` wi...