#vulnerability

The infamous payment-skimmer cybercrime organization is exploiting CVE-2024-20720 in Magento for a novel approach to stealing card data.

Large language models require rethinking how to bake security into the software development process earlier.

As of version 0.6.0, the ObjectPool explicitly creates an uninitialized instance of its type parameter when it attempts to free an object, and swaps it into the storage. This causes instant undefined behavior due to reading the uninitialized memory in order to write it to the pool storage. Extremely basic usage of the crate can trigger this issue, e.g. this code from a doctest: ```rust use crayon::prelude::*; application::oneshot().unwrap(); let mut params = MeshParams::default(); let mesh = video::create_mesh(params, None).unwrap(); // Deletes the mesh object. video::delete_mesh(mesh); // <-- UB ``` The Clippy warning for this code was silenced in commit c2fde19caf6149d91faa504263f0bc5cafc35de5. Discovered via https://asan.saethlin.dev/ub?crate=crayon&version=0.7.1

With versions of the whoami crate >= 0.5.3 and < 1.5.0, calling any of these functions leads to an immediate stack buffer overflow on illumos and Solaris: - `whoami::username` - `whoami::realname` - `whoami::username_os` - `whoami::realname_os` With versions of the whoami crate >= 0.5.3 and < 1.0.1, calling any of the above functions also leads to a stack buffer overflow on these platforms: - Bitrig - DragonFlyBSD - FreeBSD - NetBSD - OpenBSD This occurs because of an incorrect definition of the `passwd` struct on those platforms. As a result of this issue, denial of service and data corruption have both been observed in the wild. The issue is possibly exploitable as well. This vulnerability also affects other Unix platforms that aren't Linux or macOS. This issue has been addressed in whoami 1.5.0. For more information, see [this GitHub issue](https://github.com/ardaku/whoami/issues/91).

Due to insufficient checking of input data, decoding certain data sequences can lead to _Decoder::decode_ panicking rather than returning an error. Example code that triggers this vulnerability looks like this: ```rust use hpack::Decoder; pub fn main() { let input = &[0x3f]; let mut decoder = Decoder::new(); let _ = decoder.decode(input); } ``` hpack is unmaintained. A crate with the panics fixed has been published as [hpack-patched](https://crates.io/crates/hpack-patched). Also consider using [fluke-hpack](https://crates.io/crates/fluke-hpack) or [httlib-huffman](https://crates.io/crates/httlib-huffman) as an alternative.

Improving security in the applications that drive the digital economy is a necessary undertaking, requiring ongoing collaboration between the public and private sectors.

Mattermost versions 8.1.x before 8.1.11, 9.3.x before 9.3.3, 9.4.x before 9.4.4, and 9.5.x before 9.5.2 fail to authenticate the source of certain types of post actions, allowing an authenticated attacker to create posts as other users via a crafted post action.

Mattermost Server versions 9.5.x before 9.5.2, 9.4.x before 9.4.4, 9.3.x before 9.3.3, 8.1.x before 8.1.11 don't limit the number of user preferences which allows an attacker to send a large number of user preferences potentially causing denial of service.

By Owais Sultan Institutions, dApps and users on Flare will now benefit from Hypernative’s industry-leading ecosystem-wide protection suite.  This is a post from HackRead.com Read the original post: Web3 Security Specialist Hypernative To Provide Proactive Protection To The Flare Ecosystem

A Babuk variant has been involved in at least four attacks on VMware EXSi servers in the last six weeks, in one case demanding $140 million from a Chilean data center company.