PoC Exploit for Zero-Click Vulnerability Made Available to the Masses

August 27, 2024 at 05:06PM Security researcher “Ynwarcs” has disclosed a zero-click vulnerability in Windows TCP/IP, known as CVE-2024-38063, allowing remote code execution on systems with IPv6 enabled. The exploit affects Windows 10, 11, and Server, with an available proof-of-concept on GitHub. Users are urged to apply Microsoft’s latest security updates promptly. Meeting Notes Summary: … Read more

GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges

August 22, 2024 at 02:00AM GitHub has addressed three security flaws in its Enterprise Server product, including a critical bug (CVE-2024-6800) that could grant an attacker site administrator privileges. Two medium-severity flaws have also been resolved (CVE-2024-7711, CVE-2024-6337). Users are urged to update to the latest versions (3.13.3, 3.12.8, 3.11.14, and 3.10.16) to mitigate potential … Read more

GitHub Makes Copilot Autofix Generally Available

August 15, 2024 at 05:09AM GitHub has launched Copilot Autofix, an AI-powered vulnerability remediation feature. It offers fix suggestions for various security defects, helping developers to address bugs in their code faster. During the public beta, it was found that developers were fixing vulnerabilities more than three times faster than manually. It will be available … Read more

GitHub Attack Vector Cracks Open Google, Microsoft, AWS Projects

August 14, 2024 at 01:31PM Researchers discovered an attack exploiting GitHub Actions artifacts, affecting open source projects of major companies like Google, Microsoft, and Amazon. This could have compromised millions of consumers, leaking tokens and allowing malicious actors to push code to production. The findings underscore the need for a holistic security approach and reevaluation … Read more

GitHub Token Leak Exposes Python’s Core Repositories to Potential Attacks

July 15, 2024 at 01:06PM Cybersecurity researchers found a leaked GitHub token that could have enabled elevated access to Python repositories. JFrog discovered the token in a public Docker container and immediately revoked it after disclosure. Checkmarx also uncovered malicious packages on PyPI designed to extract sensitive information to a Telegram bot. No evidence shows … Read more

Trojanized JQuery Packages Spread via ‘Complex’ Supply Chain Attack

July 9, 2024 at 12:13PM Cyberattackers are targeting JavaScript developers with a supply chain attack distributing Trojanized jQuery packages across GitHub, npm, and jsDelivr repositories. The attackers exhibit an unusual lack of nomenclature and attribution, with a manual assembly and publication of each package. The attack, requiring specific user actions to trigger, emphasizes the need … Read more

‘CloudSorcerer’ Leverages Cloud Services in Cyber-Espionage Campaign

July 8, 2024 at 05:43PM A new cyber espionage actor, “CloudSorcerer,” is targeting Russian government organizations with sophisticated malware, leveraging public cloud services for C2 and purposes. The group’s primary malware tool has multiple functions including covert monitoring and data collection, and it dynamically adapts its behavior based on its execution context, posing a challenge … Read more

Google Offering $250,000 for Full VM Escape in New KVM Bug Bounty Program

July 1, 2024 at 10:06AM Google has introduced kvmCTF, a bug bounty program for the KVM hypervisor, offering significant rewards for vulnerabilities. Participants can attempt to conduct guest-to-host attacks in a lab environment, with potential payouts including $250,000 for a full VM escape. The program aims to enhance the security of widely used virtualization technology. … Read more

Dev rejects CVE severity, makes his GitHub repo read-only

June 30, 2024 at 10:43AM The ‘ip’ open-source project’s GitHub repository was archived by its developer, Fedor Indutny, due to dubious or bogus CVE reports being filed against it. The ‘node-ip’ GitHub repository was also made read-only, limiting interactions. Indutny disputed the severity of the CVE and raised concerns about the influx of unverified vulnerability … Read more

Dev makes his GitHub repo read-only after “dubious” CVE report

June 30, 2024 at 10:35AM The widely used ‘ip’ open-source project had its GitHub repository made “read-only” after developer Fedor Indutny received a dubious CVE report and experienced increased scrutiny due to a vulnerability in the ‘node-ip’ project, affecting JavaScript developers. This pattern of inflated CVE reports is causing frustration for developers and clouding the … Read more