#git

Beware before downloading Google Chrome from a Google search, you might get more than you expected.

Name: ASA-2025-003: Groups module can halt chain when handling a malicious proposal Component: CosmosSDK Criticality: High (Considerable Impact; Likely Likelihood per [ACMv1.2](https://github.com/interchainio/security/blob/main/resources/CLASSIFICATION_MATRIX.md)) Affected versions: <= v0.47.15, <= 0.50.11 Affected users: Validators, Full nodes, Users on chains that utilize the groups module ### Description An issue was discovered in the groups module where a malicious proposal would result in a division by zero, and subsequently halt a chain due to the resulting error. Any user that can interact with the groups module can introduce this state. ### Patches The new Cosmos SDK release [v0.50.12](https://github.com/cosmos/cosmos-sdk/releases/tag/v0.50.12) and [v0.47.16](https://github.com/cosmos/cosmos-sdk/releases/tag/v0.47.16) fix this issue. ### Workarounds There are no known workarounds for this issue. It is advised that chains apply the update. ### Timeline * February 9, 202...

### Impact Any guest can perform arbitrary remote code execution through a request to `SolrSearch`. This impacts the confidentiality, integrity and availability of the whole XWiki installation. To reproduce on an instance, without being logged in, go to `<host>/xwiki/bin/get/Main/SolrSearch?media=rss&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28"Hello%20from"%20%2B%20"%20search%20text%3A"%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20`. If there is an output, and the title of the RSS feed contains `Hello from search text:42`, then the instance is vulnerable. ### Patches This vulnerability has been patched in XWiki 15.10.11, 16.4.1 and 16.5.0RC1. ### Workarounds [This line](https://github.com/xwiki/xwiki-platform/blob/568447cad5172d97d6bbcfda9f6183689c2cf086/xwiki-platform-core/xwiki-platform-search/xwiki-platform-search-solr/xwiki-platform-search-solr-ui/src/main/resources/Main/SolrSearchMacros.xml#L955) in `Main.SolrSearchMa...

Fake browser update scams now target Mac, Windows, and Android users, delivering malware like FrigidStealer, Lumma Stealer, and…

An infostealer known as ACRStealer is using legitimate platforms like Google Docs and Steam as part of an attack.

Cisco Talos has been closely monitoring reports of widespread intrusion activity against several major U.S. telecommunications companies, by a threat actor dubbed Salt Typhoon. This blog highlights our observations on this campaign and identifies recommendations for detection and prevention.

Google enables marketers to target people with serious illnesses and crushing debt—against its policies—as well as the makers of classified defense technology, a WIRED investigation has found.

FBI and CISA warn of Ghost ransomware, a China-based cyber threat targeting businesses, schools, and healthcare worldwide by exploiting software vulnerabilities.

A malware campaign distributing the XLoader malware has been observed using the DLL side-loading technique by making use of a legitimate application associated with the Eclipse Foundation. "The legitimate application used in the attack, jarsigner, is a file created during the installation of the IDE package distributed by the Eclipse Foundation," the AhnLab SEcurity Intelligence Center (ASEC)

Breeze Liu has been a prominent advocate for victims. But even she struggled to scrub nonconsensual intimate images and videos of herself from the web.