#web

Bad bots are becoming increasingly difficult to detect as they more easily mimic human behaviors and utilize evasion techniques, researchers say.

Though the exact details of the situation have not been confirmed, community infighting seems to have spilled out in a breach of the notorious image board.

CloudSEK uncovers a sophisticated malware campaign where attackers impersonate PDFCandy.com to distribute the ArechClient2 information stealer. Learn how…

Car rental giant Hertz data suffered a data breach caused by a CL0P ransomware attack on file sharing vendor Cleo

### Summary When creating a new component from an existing component that has a source code repository URL specified in settings, this URL is included in the client's URL parameters during the creation process. If, for example, the source code repository URL contains GitHub credentials, the confidential PAT and username are shown in plaintext and get saved into browser history. Moreover, if the request URL is logged, the credentials are written to the logs in plaintext. The problematic URL in question is of this form: ``` https://<HOST>/create/component/vcs/?repo=https%3A%2F%2F<GITHUB USERNAME>%3A<GITHUB PAT>%40github.com%2F<REPOSITORY OWNER>%2F<REPOSITORY NAME>.git&project=1&category=&name=<REDACTED>&slug=<REDACTED>&is_glossary=False&vcs=github&source_language=228&license=&source_component=1#existing ``` If using Weblate official Docker image, nginx logs the URL and the token in plaintext: ``` nginx stdout | 127.0.0.1 - - [04/Apr/2025:10:46:54 +0000] "GET /create/component/vcs/?r...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: M2M Gateway Vulnerabilities: Integer Overflow or Wraparound, Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling'), Unquoted Search Path or Element, Untrusted Search Path, Use After Free, Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Missing Release of Memory after Effective Lifetime, Allocation of Resources Without Limits or Throttling, Improper Privilege Management, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), Improper Restriction of Operations within the Bounds of a Memory Buffer, Incorrect Calculation of Buffer Size, Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'), Access of Resource Using Incompatible Type ('Type C...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMOCODE, SIMATIC, SIPLUS, SIDOOR, SIWAREX Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote attackers to affect the availability of the devices under certain conditions. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: SIMOCODE pro V PROFINET: All versions SIMATIC S7-1200 CPU 1215C AC/DC/Rly (6ES7215-1BG40-0XB0): Versions prior to V4.4 SIPLUS S7-1200 CPU 1215C DC/DC/DC (6AG1215-1AG40-5XB0): Versions prior to V4.4 SIMATIC ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Growatt Equipment: Cloud Applications Vulnerabilities: Cross-site Scripting, Authorization Bypass Through User-Controlled Key, Insufficient Type Distinction, External Control of System or Configuration Setting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to compromise confidentiality, achieve cross-site scripting, or code execution on affected devices. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Growatt products are affected: Growatt cloud portal: Versions prior to 3.6.0 3.2 VULNERABILITY OVERVIEW 3.2.1 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-79 An authenticated attacker can achieve stored XSS by exploiting improper sanitization of the plant name value while adding or editing a plant. CVE-2025-30511 has been assigned to this vulnerability. A CVSS v3.1 base score of 8.8 has be...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Industrial Edge Device Kit Vulnerability: Weak Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Industrial Edge Device Kit - arm64 V1.19: All versions Industrial Edge Device Kit - x86-64 V1.21: Versions prior to V1.21.1-1 Industrial Edge Device Kit - arm64 V1.17: All versions Industrial Edge Device Kit - arm64 V1.21:...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Runtime Vulnerability: Observable Response Discrepancy 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to list all valid entities and attribute names of a Mendix Runtime-based application. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Mendix Runtime: V10: Versions prior to 10.21 Mendix Runtime V8: All versions Mendix Runtime V9: All versions Mendix Runtime V10.6: All versions Mendix Runtime V10.12: All versions Mendix Runtime V10.1...