HackerOne bug report to GitLab: GitLab-Runner, when running on Windows with a docker executor, is vulnerable to Command Injection via the DOCKER_AUTH_CONFIG build variable. Injected…
LockBit gang claimed responsibility for the attack on City of Wichita Pierluigi Paganini May 08, 2024 The LockBit ransomware group has added the City of…
F5 has fixed two high-severity BIG-IP Next Central Manager vulnerabilities, which can be exploited to gain admin control and create hidden rogue accounts on any…
New TunnelVision technique can bypass the VPN encapsulation Pierluigi Paganini May 08, 2024 TunnelVision is a new VPN bypass technique that enables threat actors to…
Police in Northern Ireland ran a rolling program to monitor the telephone records of “trouble making journalists”, a tribunal heard. Journalists that “were perceived to…
announcement-date: 2020-11-17 id: KCSA-CVE-2020-28914 title: Kata Containers Improper file permissions for read-only volumes description: An improper file permissions vulnerability affects Kata Containers prior to 1.11.5.…
Microsoft has confirmed that last month’s Windows Server security updates may also cause domain controller reboots after the Local Security Authority Subsystem Service (LSASS) process…
House Intelligence Committee chair Mike Turner and ranking member Jim Himes blasted out invitations announcing a “bipartisan celebration” of the 702 program’s continuation last week.…
An IT outage that caused the automated passport control e-gates at airports across the UK to crash on 7 May – leading to long delays…
Image: Midjourney The FBI warned retail companies in the United States that a financially motivated hacking group has been targeting employees in their gift card…
Ensuring adherence to GDPR, the ANY RUN sandbox service employs TLS 1.3 for data in transit and AES-256 for data at rest; it is hosted…
WordPress websites have been under attack lately, with a surge of malicious JavaScript being injected using vulnerable versions of the LiteSpeed Cache plugin, claim Automattic’s…
