Security
Headlines
HeadlinesLatestCVEs

Tag

#web

Scammers Compromised by Own Malware, Expose $4.67M Operation

CloudSEK uncovered a Pakistan-based family cybercrime network that spread infostealers via pirated software, netting $4.67M and millions of…

HackRead
Open in Source
#web#mac#git#intel
GHSA-3x3q-ghcp-whf7: Template Secret leakage in logs in Scaffolder when using `fetch:template`

### Impact Duplicate logging of the input values in the `fetch:template` action in the Scaffolder meant that some of the secrets were not properly redacted. If you're not passing through `${{ secrets.x }}` to `fetch:template` there is no impact. ### Patches This issue has been resolved in `2.1.1` of the `scaffolder-backend` plugin. ### Workarounds Template Authors can remove the use of `${{ secrets }}` being used as an argument to `fetch:template`. ### References If you have any questions or comments about this advisory: Open an issue in the [Backstage repository](https://github.com/backstage/backstage) Visit our Discord, linked to in [Backstage README](https://github.com/backstage/backstage)

Italian hotels breached for tens of thousands of scanned IDs

A cybercriminal was found selling scanned IDs that were stolen from guests at Italian hotels on underground forums, warned CERT-AGID.

GHSA-9x9c-ghc5-jhw9: @astrojs/node's trailing slash handling causes open redirect issue

### Summary Following https://github.com/withastro/astro/security/advisories/GHSA-cq8c-xv66-36gw, there's still an Open Redirect vulnerability in a subset of Astro deployment scenarios. ### Details Astro 5.12.8 fixed a case where `https://example.com//astro.build/press` would redirect to the external origin `//astro.build/press`. However, with the Node deployment adapter in standalone mode and `trailingSlash` set to `"always"` in the Astro configuration, `https://example.com//astro.build/press` still redirects to `//astro.build/press`. ### Proof of Concept 1. Create a new minimal Astro project (`astro@5.12.8`) 2. Configure it to use the Node adapter (`@astrojs/node@9.4.0`) and force trailing slashes: ```js // astro.config.mjs import { defineConfig } from 'astro/config'; import node from '@astrojs/node'; export default defineConfig({ trailingSlash: 'always', adapter: node({ mode: 'standalone' }), }); ``` 3. Build the site by running `astro build`....

National Public Data returns after massive Social Security Number leak

National Public Data has changed ownership. Does this mean your personal information has changed hands too?

Taiwan Web Servers Breached by UAT-7237 Using Customized Open-Source Hacking Tools

A Chinese-speaking advanced persistent threat (APT) actor has been observed targeting web infrastructure entities in Taiwan using customized versions of open-sourced tools with an aim to establish long-term access within high-value victim environments. The activity has been attributed by Cisco Talos to an activity cluster it tracks as UAT-7237, which is believed to be active since at least 2022.

Police Bust Crypto Scammers, Nab Smishing SMS Blaster Operator

Thai police arrest SMS Blaster operator in smishing scam and bust crypto laundering gang moving $30M monthly through…

UAT-7237 targets Taiwanese web hosting infrastructure

Cisco Talos discovered UAT-7237, a Chinese-speaking advanced persistent threat (APT) group active since at least 2022, which has significant overlaps with UAT-5918.

New Malvertising Attack Spreads Crypto Stealing PS1Bot Malware

Cisco Talos researchers have discovered a dangerous new malware framework called PS1Bot. Active since early 2025, this sophisticated…

Police & Government Email Access for Sale on Dark Web

Cybercriminals are auctioning off live email credentials, giving other criminals access to sensitive systems, confidential intelligence, and, potentially, a higher success rate than ever.