#web

The function `gix_date::parse::TimeBuf::as_str` can create an illegal string containing non-utf8 characters. This violates the safety invariant of `TimeBuf` and can lead to undefined behavior when consuming the string. The bug can be prevented by adding `str::from_utf8` to the function `TimeBuf::write`.

### Impact An attacker may inject content with ASCII control characters like vertical tabs, ANSI escape sequences, etc., that can create misleading output of the `badkeys` command-line tool. This impacts scanning DKIM keys (both `--dkim` and `--dkim-dns`), SSH keys (`--ssh-lines` mode), and filenames in various modes. ### Patches This has been fixed with the following commits: https://github.com/badkeys/badkeys/commit/de631f69f040974bb5fb442cdab9a1d904c64087 https://github.com/badkeys/badkeys/commit/635a2f3b1b50a895d8b09ec8629efc06189f349a All users should upgrade `badkeys` to version 0.0.16. ### Resources https://github.com/badkeys/badkeys/issues/40

For this to work, users must have administrator access to the Craft Control Panel, and [allowAdminChanges](https://craftcms.com/docs/5.x/reference/config/general.html#allowadminchanges) must be enabled for this to work, which is against Craft CMS' recommendations for any non-dev environment. https://craftcms.com/knowledge-base/securing-craft#set-allowAdminChanges-to-false-in-production Alternatively, a non-administrator account with allowAdminChanges disabled can be used, provided access to the System Messages utility is available. It is possible to craft a malicious payload using the Twig `map` filter in text fields that accept Twig input under Settings in the Craft control panel or using the System Messages utility, which could lead to a RCE. Users should update to the patched versions (5.8.21 and 4.16.17) to mitigate the issue. References: https://github.com/craftcms/cms/commit/d82680f4a05f9576883bb83c3f6243d33ca73ebe https://github.com/craftcms/cms/blob/5.x/CHANGELOG.md#5821...

Security experts at Zenity Labs warn that Anthropic’s new agentic browser extension, Claude in Chrome, could bypass traditional web security, exposing private data and login tokens to potential hijackers.

The Russia-aligned threat actor known as UAC-0184 has been observed targeting Ukrainian military and government entities by leveraging the Viber messaging platform to deliver malicious ZIP archives. "This organization has continued to conduct high-intensity intelligence gathering activities against Ukrainian military and government departments in 2025," the 360 Threat Intelligence Center said in

Authenticated users on a Craft installation could potentially expose sensitive assets via their user profile photo via maliciously crafted requests. Users should update to the patched versions (5.8.21 and 4.16.17) to mitigate the issue. Resources: https://github.com/craftcms/cms/commit/4bcb0db554e273b66ce3b75263a13414c2368fc9 https://github.com/craftcms/cms/commit/4bcb0db554e273b66ce3b75263a13414c2368fc9

The botnet known as Kimwolf has infected more than 2 million Android devices by tunneling through residential proxy networks, according to findings from Synthient. "Key actors involved in the Kimwolf botnet are observed monetizing the botnet through app installs, selling residential proxy bandwidth, and selling its DDoS functionality," the company said in an analysis published last week. Kimwolf

The year opened without a reset. The same pressure carried over, and in some places it tightened. Systems people assume are boring or stable are showing up in the wrong places. Attacks moved quietly, reused familiar paths, and kept working longer than anyone wants to admit. This week’s stories share one pattern. Nothing flashy. No single moment. Just steady abuse of trust — updates, extensions,

Modern enterprises depend on AI data pipelines for analytics and automated decision-making. As these pipelines become more integrated…

Featuring: Cybersecurity is being reshaped by forces that extend beyond individual threats or tools. As organizations operate across cloud infrastructure, distributed endpoints, and complex supply chains, security has shifted from a collection of point solutions to a question of architecture, trust, and execution speed. This report examines how core areas of cybersecurity are evolving in