April 29, 2024 at 06:48AM Multiple critical security flaws were disclosed in the Judge0 open-source online code execution system, posing a risk of code execution on the target system. The flaws allow a sandbox escape and obtaining root permissions. The vulnerabilities, with CVE scores of 10.0 and 9.1, have been addressed in version 1.13.1 released … Read more
October 30, 2023 at 01:10PM A pro-Hamas hacktivist group has developed a new Linux-based wiper malware called BiBi-Linux Wiper. The malware targets Israeli entities during the ongoing Israeli-Hamas war. BiBi-Linux Wiper is destructive and can potentially destroy an entire operating system if run with root permissions. It overwrites files and renames them with the string … Read more
October 24, 2023 at 10:56AM VMware has alerted customers to the availability of proof-of-concept exploit code for an authentication bypass flaw in vRealize Log Insight (now VMware Aria Operations for Logs). Tracked as CVE-2023-34051, the vulnerability allows unauthenticated attackers to remotely execute code with root permissions. Researchers have released a technical analysis, a proof-of-concept exploit, … Read more