
Tag

#web

Spotify, Audible, and Amazon used to push dodgy forex trading sites and more

Cybercriminals are spamming content platforms like Spotify and Amazon with cracks, keygens, and forex trading platforms. We explain why.

Malwarebytes
#web #google #amazon #git

Red Hat Security Advisory 2024-9989-03

Red Hat Security Advisory 2024-9989-03 - An update for python-webob is now available for Red Hat OpenStack Platform 17.1.

Red Hat Security Advisory 2024-9983-03

Red Hat Security Advisory 2024-9983-03 - An update for python-webob is now available for Red Hat OpenStack Platform 17.1.

99% of UAE’s .ae Domains Exposed to Phishing and Spoofing

Only 1.11% of UAE's 37,926 .ae domains have implemented DMARC, leaving most vulnerable to phishing and spoofing attacks.

“Hilariously insecure”: Andrew Tate’s The Real World breached, 800,000 users affected

Hacktivists have breached Andrew Tate's learning platform The Real World and obtained 794,000 usernames for current and former members, as well as 324,382 email addresses of former clients.

GHSA-6vrw-mpj8-3j59: Duplicate Advisory: Keycloak Path Traversal Vulnerability Due to External Control of File Name or Path

## Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-5545-r4hg-rj4m. This link is maintained to preserve external references.

## Original Description

A vulnerability was found in Keycloak. A user with high privileges could read sensitive information from a Vault file that is not within the expected context. This attacker must have previous high access to the Keycloak server in order to perform resource creation, for example, an LDAP provider configuration and set up a Vault read file, which will only inform whether that file exists or not.

GHSA-j3x3-r585-4qhg: Duplicate Advisory: org.keycloak:keycloak-services has Inefficient Regular Expression Complexity

## Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-wq8x-cg39-8mrr. This link is maintained to preserve external references.

## Original Description

A vulnerability was found in the Keycloak-services package. If untrusted data is passed to the SearchQueryUtils method, it could lead to a denial of service (DoS) scenario by exhausting system resources due to a Regex complexity.

GHSA-f27h-g923-68hw: OpenStack Neutron can use an incorrect ID during policy enforcement

In OpenStack Neutron through 25.0.0, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. NOTE: 935883 has the "Work in Progress" status as of 2024-11-24.

Andrew Tate’s University Breach: 1 Million User Records and Chats Leaked

Andrew Tate’s “The Real World” platform has been breached, again, leaking user data including emails and private chat…

Why New York is a Prime Location for Leading Mobile Development Agencies

New York, the city that never sleeps, is renowned as a global epicentre for innovation, creativity, and business…