#web

Cybersecurity researchers are warning about a new malware called DslogdRAT that's installed following the exploitation of a now-patched security flaw in Ivanti Connect Secure (ICS). The malware, along with a web shell, were "installed by exploiting a zero-day vulnerability at that time, CVE-2025-0282, during attacks against organizations in Japan around December 2024," JPCERT/CC researcher Yuma

In this episode of Uncanny Valley, our hosts explain how to prepare for travel to and from the United States—and how to stay safe.

Blue Shield of California exposed the health data of 4.7 million members to Google for years due to…

### Impact A leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. ### Details HTTP/1.1 Chunked-Encoding bodies are formatted as a sequence of "chunks", each of which consists of: - chunk length - `\r\n` - `length` bytes of content - `\r\n` In versions of h11 up to 0.14.0, h11 instead parsed them as: - chunk length - `\r\n` - `length` bytes of content - any two bytes i.e. it did not validate that the trailing `\r\n` bytes were correct, and if you put 2 bytes of garbage there it would be accepted, instead of correctly rejecting the body as malformed. By itself this is harmless. However, suppose you have a proxy or reverse-proxy that tries to analyze HTTP requests, and your proxy has a _different_ bug in parsing Chunked-Encoding, acting as if the format is: - chunk length - `\r\n` - `length` bytes of content - more bytes of content, as many as it takes until you find a `\r\n` For ex...

### Summary An unhandled error is thrown when validating invalid connectionParams which crashes a tRPC WebSocket server. This allows any unauthenticated user to crash a tRPC 11 WebSocket server. ### Details Any tRPC 11 server with WebSocket enabled with a `createContext` method set is vulnerable. Here is an example: https://github.com/user-attachments/assets/ce1b2d32-6103-4e54-8446-51535b293b05 I have a working reproduction here if you would like to test: https://github.com/lukechilds/trpc-vuln-reproduction The connectionParams logic introduced in https://github.com/trpc/trpc/pull/5839 does not safely handle invalid connectionParams objects. During validation if the object does not match an expected shape an error will be thrown: https://github.com/trpc/trpc/blob/8cef54eaf95d8abc8484fe1d454b6620eeb57f2f/packages/server/src/unstable-core-do-not-import/http/parseConnectionParams.ts#L27-L33 This is called during WebSocket connection setup inside `createCtxPromise()` here: https://...

Blockchain infrastructure provider dRPC has announced the launch of a NodeHaus platform that enables chain foundations unprecedented control…

Blue Shield of California said it accidentally leaked the personal data of 4.7 million individuals to Google after a Google Analytics misconfiguration.

SessionShark phishing kit bypasses Office 365 MFA by stealing session tokens. Experts warn of real-time attacks via fake…

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Vestel Equipment: AC Charger Vulnerability: Exposure of Sensitive System Information to an Unauthorized Control Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker access to sensitive information, such as credentials which could subsequently enable them to cause a denial of service or partial loss of integrity of the charger. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of AC Charger are affected: AC Charger EVC04: Version 3.75.0 3.2 VULNERABILITY OVERVIEW 3.2.1 EXPOSURE OF SENSITIVE SYSTEM INFORMATION TO AN UNAUTHORIZED CONTROL SPHERE CWE-497 Affected versions of Vestel AC Charger contains a vulnerability that could enable an attacker to access files containing sensitive information, such as credentials which could be used to further compromise the device. CVE-2025-3606 has been assigned to this vulnerability. A CVSS ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: ALBEDO Telecom Equipment: Net.Time - PTP/NTP clock Vulnerability: Insufficient Session Expiration 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to transmit passwords over unencrypted connections, resulting in the product becoming vulnerable to interception. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of Net.Time - PTP/NTP clock is affected: Net.Time - PTP/NTP clock (Serial No. NBC0081P): Software release 1.4.4 3.2 VULNERABILITY OVERVIEW 3.2.1 INSUFFICIENT SESSION EXPIRATION CWE-613 The affected product is vulnerable to an insufficient session expiration vulnerability, which could permit an attacker to transmit passwords over unencrypted connections, resulting in the product becoming vulnerable to interception. CVE-2025-2185 has been assigned to this vulnerability. A CVSS v3.1 base score of 8.0 has been calculated; the C...