Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
‘It’s Total Chaos Internally at Meta Right Now’: Employees Protest Zuckerberg’s Anti LGBTQ Changes
Description: Meta's decision to specifically allow users to call LGBTQ+ people "mentally ill" has sparked widespread backlash at the company.
Source: 404 Media
January 9th, 2025 (4 months ago)
Do we still have to keep doing it like this?
Description: Hazel gets inspired by watching Wendy Nather’s recent keynote, and explores ways to challenge security assumptions.
Source: Cisco Talos Blog
January 9th, 2025 (4 months ago)
Catalonia City Local Police Data Allegedly for Sale by Threat Actor Jackyseller
Description: Catalonia City Local Police Data Allegedly for Sale by Threat Actor Jackyseller
Source: DarkWebInformer
January 9th, 2025 (4 months ago)
Anonymous Guys Targets Ukrainian Government Websites in DDoS Attack
Description: Anonymous Guys Targets Ukrainian Government Websites in DDoS Attack
Source: DarkWebInformer
January 9th, 2025 (4 months ago)
People Think AI Images of Hollywood Sign Burning Are Real
Description: AI generated slop is tricking people into thinking an already devastating series of wildfires in Los Angeles are even worse than they are — and using it to score political points. 
Source: 404 Media
January 9th, 2025 (4 months ago)
[strawberry-graphql] Strawberry GraphQL has type resolution vulnerability in node interface that allows potential data leakage through incorrect ty...
Description: Vulnerability Summary A type confusion vulnerability exists in Strawberry GraphQL's relay integration that affects multiple ORM integrations (Django, SQLAlchemy, Pydantic). The vulnerability occurs when multiple GraphQL types are mapped to the same underlying model while using the relay node interface. Affected Components Strawberry GraphQL relay integration Specifically impacts implementations using: Django integration SQLAlchemy integration Pydantic integration Technical Details The vulnerability manifests when: Multiple GraphQL types inherit from relay.Node These types are mapped to the same database model The global node field is used for type resolution Example of vulnerable code: from fruits.models import Fruit import strawberry_django import strawberry @strawberry_django.type(Fruit) class FruitType(relay.Node): name: strawberry.auto @strawberry_django.type(Fruit) class SpecialFruitType(relay.Node): secret_name: strawberry.auto @strawberry.type class Query: node: relay.Node = strawberry_django.node() Security Impact When querying for a specific type using the global node field (e.g., FruitType:some-id), the resolver may incorrectly return an instance of a different type mapped to the same model (e.g., SpecialFruitType). This can lead to: Information disclosure if the alternate type exposes sensitive fields Potential privilege escalation if the alternate type contains data intended for restricted access Note Even with knowledge of the correct t...
Source: Github Advisory Database (PIP)
January 9th, 2025 (4 months ago)
Banshee stealer evades detection using Apple XProtect encryption algo
Description: A new version of the Banshee info-stealing malware for macOS has been evading detection over the past two months by adopting string encryption from Apple's XProtect. [...]
Source: BleepingComputer
January 9th, 2025 (4 months ago)
[Darknetlive Archive] Italian Man Allegedly Hired a Hitman on the Darkweb
Description: [Darknetlive Archive] Italian Man Allegedly Hired a Hitman on the Darkweb
Source: DarkWebInformer
January 9th, 2025 (4 months ago)
Microsoft fixes OneDrive bug causing macOS app freezes
Description: ​Microsoft has fixed a known issue causing macOS applications to freeze when opening or saving files in OneDrive. [...]
Source: BleepingComputer
January 9th, 2025 (4 months ago)
[github.com/MicahParks/jwkset] JWK Set's HTTP client only overwrites and appends JWK to local cache during refresh
Description: Impact The project's provided HTTP client's local JWK Set cache should do a full replacement when the goroutine refreshes the remote JWK Set. The current behavior is to overwrite or append. This is a security issue for use cases that utilize the provided auto-caching HTTP client and where key removal from a JWK Set is equivalent to revocation. Example attack scenario: An attacker has stolen the private key for a key published in JWK Set. The publishers of that JWK Set remove that key from the JWK Set. Enough time has passed that the program using the auto-caching HTTP client found in github.com/MicahParks/jwkset v0.5.0-v0.5.21 has elapsed its HTTPClientStorageOptions.RefreshInterval duration, causing a refresh of the remote JWK Set. The attacker is signing content (such as JWTs) with the stolen private key and the system has no other forms of revocation. Patches The affected auto-caching HTTP client was added in version v0.5.0 and fixed in v0.6.0. Upgrade to v0.6.0 or later. Workarounds The only workaround would be to remove the provided auto-caching HTTP client and replace it with a custom implementation. This involves setting the HTTPClientStorageOptions.RefreshInterval to zero (or not specifying the value). Upgrade to v0.6.0 is advised. References Please see the tracking issue on GitHub for additional details: https://github.com/MicahParks/jwkset/issues/40 References https://github.com/MicahParks/jwkset/security/advisories/GHSA-675f-rq2r-jw82 https://github.com/Micah...
Source: Github Advisory Database (Go)
January 9th, 2025 (4 months ago)