#vulnerability

25 posts · Last used 3d

dewomser
@dewomser@social.tchncs.de · 4d ago
Prevent #Linux #Bash #vulnerability. Pay attention to security, or they will hack their way in and extort you :bitcoin: Encryption with rot13, decryption with rot13. It is a one-liner for both, https://gist.github.com/dewomser/084cecfa45d18e1e00df5be6882e48b4 Against the exaggerated security mania and the security industry! I am currently considering whether I should offer a hands-on seminar. 🤔 :tux: 👍
Boosted by oxy ::openbsd:: ::freebsd:: ::runbsd:: @oxy@social.bsdlab.au
beyondmachines1
@beyondmachines1@infosec.exchange · May 31, 2026

Critical Samba Printing Vulnerability Enables Remote Code Execution

Samba patched a critical remote code execution vulnerability (CVE-2026-4480) in its printing subsystem caused by improper sanitization of the %J substitution parameter. The flaw allows unauthenticated attackers to run arbitrary shell commands by submitting crafted print job descriptions.

If you run Samba file/print servers, immediately upgrade to versions 4.22.10, 4.23.8, or 4.24.3 to patch CVE-2026-4480, or as a quick fix remove the %J parameter from the “print command” line in your smb.conf file. Also disable guest access to printing and make sure your Samba servers are only reachable from trusted internal networks, never directly from the internet. #cybersecurity #infosec #advisory #vulnerability https://beyondmachines.net/event_details/critical-samba-printing-vulnerability-enables-remote-code-execution-o-j-r-w-v/gD2P6Ple2L

hbrpgm
@hbrpgm@adalta.social · May 08, 2026

📺 https://peer.adalta.social/w/dpr21TWFNsZeq8D6J8Wiwg 🔗 🇩🇪🇺🇸🇫🇷 🔗 ℹ️

Prompt injection attacks will have to be a major concern for LLM-based applications.

#tech #technology #llm #vulnerability #exploit

data0
@data0@indieweb.social · Apr 30, 2026

I couldn’t find a list of #Linux #kernel versions that include a patch for #copyfail, so I dug into the commit log and made one. Make sure you’re using at least the following version of your branch to mitigate against copyfail:

  • 7.0-rc7 (any stable 7.x is safe)
  • 6.19.12
  • 6.18.22
  • 6.12.85
  • 6.6.137
  • 6.1.170
  • 5.15.204
  • 5.10.254

See https://copy.fail for more info about the #exploit.

#privilegeescalation #vulnerability #cryptography #linuxadmin #sysadmin

beyondmachines1
@beyondmachines1@infosec.exchange · Apr 30, 2026

Copy Fail: Linux Kernel Flaw Grants Root Access On All Major Distributions

A Linux kernel vulnerability called “Copy Fail” (CVE-2026-31431) allows unprivileged local users to gain root privileges with 100% reliability by corrupting the shared page cache. The flaw affects nearly all Linux distributions since 2017 and enables container escapes because the memory corruption does not modify files on disk.

If you run Linux servers, especially shared environments like Kubernetes clusters, CI/CD runners, or multi-tenant hosts, patch your kernel immediately to a version that includes the fix (mainline commit a664bf3d603d) for CVE-2026-31431. If you can’t patch right away, disable the vulnerable module by running echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf followed by rmmod algif_aead, and for untrusted code environments block AF_ALG socket creation via seccomp as a long-term safeguard. #cybersecurity #infosec #advisory #vulnerability https://beyondmachines.net/event_details/copy-fail-linux-kernel-flaw-grants-root-access-on-all-major-distributions-w-l-v-0-c/gD2P6Ple2L

Boosted by Kevin Karhan @kkarhan@jorts.horse
hackerworkspace
@hackerworkspace@infosec.exchange · Apr 24, 2026
AAKL
@AAKL@infosec.exchange · Apr 22, 2026
Boosted by stux⚡️ @stux@mstdn.social
h4ckernews
@h4ckernews@mastodon.social · Apr 11, 2026
indieauthornews
@indieauthornews@indieauthors.social · Mar 06, 2026
What You Edit Out Reveals Who You Are as a Writer Your revision history actually shows your best writing Continue reading on The Writing Cooperative » https://writingcooperative.com/what-you-edit-out-reveals-who-you-are-as-a-writer-086ccc4ebcf #lifelessons #selfimprovement #writingtips #vulnerability #writing
Hackread
@Hackread@mstdn.social · Feb 22, 2026
📢⚠️ Researchers demonstrate multiple attacks against major password managers, including Bitwarden, LastPass, and Dashlane, showing how compromised servers and design flaws can expose encrypted vault data. Read: https://hackread.com/researchers-demonstrate-password-managers-attacks/ #CyberSecurity #PasswordManager #Vulnerability #Privacy
tomas
@tomas@indieauthors.social · Feb 16, 2026
Progress stories ignore our vulnerability to Others. Thinking through self-containment (at any scale) - an essential element of progress literature - negates transformation through encounters and all patterns of confluence and influence. An alternative narrative could be to acknowledge a perpetual state of precarity. A precarious world is a world without progress teleology. Agnostic about where we're going, we might then look for what has been ignored by the current hegemonic story. We are surrounded by many world-making projects; human and not-human. And usually these overlap too. Instead of colonial histories, we must fill both history and future with these 'contamination traditions'. #vulnerability #theOthers #selfcontainment #progressteleology #transformationthroughencounters #TSING
hbrpgm
@hbrpgm@adalta.social · Feb 12, 2026

📺 https://peer.adalta.social/w/qce11wDNyBC78tLqnRKmds 🔗 🇩🇪🇺🇸🇫🇷

Configuring a NetBSD system as read-only mitigates a critical, often overlooked point of vulnerability: file system corruption on unreliable storage media.

#vulnerability #netbsd #runbsd #ownyourdata #itnotes

hbrpgm
@hbrpgm@adalta.social · Feb 12, 2026

📺 https://peer.adalta.social/w/nQCwqAv8Gf7ahWVFEfdz2R 🔗 🇩🇪🇺🇸🇫🇷

A practical guide to hardening embedded systems by eliminating file system write vulnerabilities through a memory-backed root configuration.

#vulnerability #netbsd #runbsd #ownyourdata #itnotes

hbrpgm
@hbrpgm@adalta.social · Feb 12, 2026

📺 https://peer.adalta.social/w/bG7GEPHbVSBzsFmeoM1LAD 🔗 🇩🇪🇺🇸🇫🇷

Securing the file system as a critical measure against data corruption and outages

#vulnerability #netbsd #runbsd #ownyourdata #itnotes

wtfismyip
@wtfismyip@gnu.gl · Feb 11, 2026

High severity authorization #vulnerability in Keycloak:

  1. Of course it’s because of JWT
  2. If a project whose sole purpose is authn/authz is getting #JWT wrong, you probably are too.

https://github.com/advisories/GHSA-hcvw-475w-8g7p

hbrpgm
@hbrpgm@adalta.social · Feb 09, 2026

📺 https://peer.adalta.social/w/ha7u8osqJ9djsMHeNLvuaH 🔗 🇩🇪🇺🇸🇫🇷

A remotely reachable buffer overflow flaw compromises network integrity, with a public exploit available.

#infosec #vulnerability #cve #exploit #release

hbrpgm
@hbrpgm@adalta.social · Feb 09, 2026

📺 https://peer.adalta.social/w/kpVddxKp2FBwhdvJ28fzU2 🔗 🇩🇪🇺🇸🇫🇷

A publicly released exploit for a critical buffer overflow in Tenda routers demands immediate action from network defenders.

#infosec #vulnerability #cve #exploit #release

hbrpgm
@hbrpgm@adalta.social · Feb 09, 2026

📺 https://peer.adalta.social/w/jG6JrBKpEnD9cTemxKWzzY 🔗 🇩🇪🇺🇸🇫🇷

A published proof-of-concept exploit for a remote buffer overflow significantly increases the risk for unpatched networks.

#infosec #vulnerability #cve #exploit #release

harrysintonen
@harrysintonen@infosec.exchange · Feb 06, 2026
Apparently AMD's AutoUpdate downloads the updates over HTTP and executes them without any validation (presumably as SYSTEM user). AMD was notified of the vulnerability but according to them "attack requiring physical access to victim's computer/device, man in the middle or compromised user accounts" are out of scope. Madness. source: https://mrbruh.com/amd/ #vulnerability #infosec #cybersecurity
hbrpgm
@hbrpgm@adalta.social · Feb 05, 2026

📺 https://peer.adalta.social/w/tuYBhErBwiJHz3GM2eKdaS 🔗 🇩🇪🇺🇸🇫🇷

A major security flaw forces a mandatory and immediate update for all deployments.

#linux #security #vulnerability #cloud #docker
