GitHub Vulnerability ‘ArtiPACKED’ Exposes Repositories to Potential Takeover

August 15, 2024 at 03:21AM

A new attack vector named ArtiPACKED exploits GitHub Actions artifacts, potentially compromising repositories and cloud environments. Palo Alto Networks Unit 42 researchers revealed how misconfigurations and security flaws could lead to the leakage of tokens, opening opportunities for malicious actors to compromise services and push rogue code to production. Vulnerable …

Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover

April 29, 2024 at 06:48AM

Multiple critical security flaws were disclosed in the Judge0 open-source online code execution system, posing a risk of code execution on the target system. The flaws allow a sandbox escape and obtaining root permissions. The vulnerabilities, with CVE scores of 10.0 and 9.1, have been addressed in version 1.13.1 released …