Summary

Top Articles:

  • JsonWebToken Security Bug Opens Servers to RCE
  • 'Looney Tunables' Linux Flaw Sees Snowballing Proof-of-Concept Exploits
  • Google WordPress Plug-in Bug Allows AWS Metadata Theft
  • Once Again, Malware Discovered Hidden in npm
  • DNC Credentials Compromised by 'IntelFetch' Telegram Bot
  • Hotel Check-in Kiosks Expose Guest Data, Room Keys
  • Linux Kernel Bug Allows Kubernetes Container Escape
  • Stealth Bomber: Atlassian Confluence Exploits Drop Web Shells In-Memory

Hotel Check-in Kiosks Expose Guest Data, Room Keys

Published: 2024-06-07 16:55:39

Popularity: 5

Author: Nathan Eddy, Contributing Writer

🤖: "data breach"

CVE-2024-37364 affects hospitality kiosks from Ariane Systems, which are used for self-check-in at more than 3,000 hotels worldwide.

...more

Stealth Bomber: Atlassian Confluence Exploits Drop Web Shells In-Memory

Published: 2024-03-10 13:13:39

Popularity: None

Author: Nathan Eddy, Contributing Writer

The proof-of-concept exploits for Atlassian Confluence would enable arbitrary code execution without requiring file system access.

...more

'Looney Tunables' Linux Flaw Sees Snowballing Proof-of-Concept Exploits

Published: 2023-10-09 20:00:00

Popularity: 40

Author: Nathan Eddy, Contributing Writer, Dark Reading

Following the publication of the critical Linux security vulnerability, security specialists released PoC exploits to test the implications of CVE-2023-4911.

...more

Once Again, Malware Discovered Hidden in npm

Published: 2023-05-18 15:27:00

Popularity: 15

Author: Nathan Eddy, Contributing Writer, Dark Reading

Turkorat-poisoned packages sat in the npm development library for months, researchers say.

...more

JsonWebToken Security Bug Opens Servers to RCE

Published: 2023-01-09 17:45:00

Popularity: 147

Author: Nathan Eddy, Contributing Writer, Dark Reading

The JsonWebToken package plays a big role in the authentication and authorization functionality for many applications.

...more

Google WordPress Plug-in Bug Allows AWS Metadata Theft

Published: 2022-12-22 15:00:01

Popularity: 17

Author: Nathan Eddy, Contributing Writer, Dark Reading

A successful attacker could use the SSRF vulnerability to collect metadata from WordPress sites hosted on an AWS server, and potentially log in to a cloud instance to run commands.

...more

Linux Kernel Bug Allows Kubernetes Container Escape

Published: 2022-01-31 15:27:28

Popularity: 5

Author: Nathan Eddy

Keywords:

  • Container Security
  • Features
  • Latest News
  • News
  • Topics
  • Container Linux
  • container security
  • container vulnerability
  • kubernetes
  • Linux kernel
  • Hackers could exploit a Linux kernel bug to escape Kubernetes containers and access critical resources; however, the threat is minimized as any attacker needs to have the specific Linux capability CAP_SYS_ADMIN. The high-severity Common Vulnerabilities and Exposures (CVE) 2022-0185, first reported by security publication BleepingComputer, affects all Linux kernel versions The post Linux Kernel Bug Allows Kubernetes Container Escape appeared first on Container Journal.

    ...more

    DNC Credentials Compromised by 'IntelFetch' Telegram Bot

    Published: 2024-08-14 10:00:00

    Popularity: 11

    Author: Nathan Eddy, Contributing Writer

    🤖: "Hacked again"

    The Democratic National Convention soon to take place in Chicago, already under heavy security, faces an additional threat in the form of stolen credentials for delegates.

    ...more

    end