#web

Nitrogen, a ransomware strain, has emerged as a major threat to organizations worldwide, with a particular focus on…

Cisco Talos built on Tenable’s discovery of a Google Cloud Platform vulnerability to uncover how attackers could exploit similar techniques across AWS and Azure.

A Signature Wrapping attack has been found in samlify <v2.10.0, allowing an attacker to forge a SAML Response to authenticate as any user. An attacker would need a signed XML document by the identity provider.

The ABB Cylon FLXeon BACnet controller's /api/uukl.js module implements password verification and update mechanisms using the insecure MD5 hash function alongside weak salt generation via Math.random(). This constitutes a cryptographic vulnerability where password hashes are susceptible to collision and brute-force attacks due to MD5's known weaknesses and the low entropy of the salt. Specifically, in the verify() and change() functions, passwords are hashed using MD5 with predictable, non-cryptographically secure salts, then stored in plaintext-accessible files. This undermines the integrity of the authentication process, enabling attackers with file system access or knowledge of the implementation to precompute hash values or mount dictionary attacks.

A cyber-espionage campaign is targeting Ukrainian government entities with a series of sophisticated spear-phishing attacks that exploit XSS vulnerabilities.

Serviceaide data leak exposes sensitive health info of 500K Catholic Health patients due to misconfigured database; risk of ID theft and fraud.

The Take It Down Act requires platforms to remove instances of “intimate visual depiction” within two days. Free speech advocates warn it could be weaponized to fuel censorship.

DDoSecrets indexes 410GB of breached TeleMessage data, including messages and metadata, from hack tied to unsecured Signal clone used by US government officials.

Sequoia Capital partner Shaun Maguire said in a webinar hosted by Israel’s Defense Ministry that he connected the IDF with SpaceX’s Starlink satellite internet far sooner than believed.

### LibreNMS v25.4.0 suffers from Stored Cross-Site Scripting (XSS) Vulnerability in the 'group name' parameter of the 'http://localhost/poller/groups' form. This vulnerability allows attackers to inject malicious scripts into web pages viewed by other users. ## ---------------------------------POC----------------------------- Before Setting: Enable 'distributed_poller' in http://localhost/settings/poller/distributed 1. Attacker creates a new poller group and injects the payload in the 'group name' parameter ``` payload: <script>alert('XSS')</script> ``` 2. Victim navigates to the 'http://localhost/addhost' to add a new host 3. The payload is executed code sink: https://github.com/librenms/librenms/blob/25.4.0/includes/html/pages/addhost.inc.php#L284