SSRF
CISA warns of five-year-old GitLab flaw exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems against a five-year-old GitLab vulnerability that is actively being exploited in attacks. GitLab patched this server-side request forgery (SSRF) flaw (tracked as CVE-2021-39935) in December 2021, saying it could allow unauthenticated attackers with no privileges to access the CI Lint API, which is […]
Chainlit AI framework bugs let hackers breach cloud environments
Two high-severity vulnerabilities in Chainlit, a popular open-source framework for building conversational AI applications, allow reading any file on the server and leaking sensitive information. The issues, dubbed ‘ChainLeak’ and discovered by Zafran Labs researchers, can be exploited without user interaction and impact “internet-facing AI systems that are actively deployed across multiple industries, including large […]
Hackers target misconfigured proxies to access paid LLM services
Threat actors are systematically hunting for misconfigured proxy servers that could provide access to commercial large language model (LLM) services. In an ongoing campaign that started in late December, the attackers have probed more than 73 LLM endpoints and generated over 80,000 sessions. According to threat monitoring platform GreyNoise, the threat actors use low-noise prompts to […]
Critical Docker Desktop flaw lets attackers hijack Windows hosts
A critical vulnerability in Docker Desktop for Windows and macOS allows compromising the host by running a malicious container, even if the Enhanced Container Isolation (ECI) protection is active. The security issue is a server-side request forgery (SSRF) now identified as CVE-2025-9074, and it received a critical severity rating of 9.3. “A malicious container running on Docker Desktop […]
Hackers target SSRF bugs in EC2-hosted sites to steal AWS credentials
A targeted campaign exploited Server-Side Request Forgery (SSRF) vulnerabilities in websites hosted on AWS EC2 instances to extract EC2 Metadata, which could include Identity and Access Management (IAM) credentials from the IMDSv1 endpoint. Retrieving IAM credentials allows attackers to escalate their privileges and access S3 buckets or control other AWS services, potentially leading to sensitive data exposure, […]
W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks
A severe flaw in the W3 Total Cache plugin installed on more than one million WordPress sites could give attackers access to various information, including metadata on cloud-based apps. The W3 Total Cache plugin uses multiple caching techniques to optimize a website’s speed, reduce load times, and generally improve its SEO ranking. The flaw is tracked […]
Critical SAP flaw allows remote attackers to bypass authentication
SAP has released its security patch package for August 2024, addressing 17 vulnerabilities, including a critical authentication bypass that could allow remote attackers to fully compromise the system. The flaw, tracked as CVE-2024-41730 and rated 9.8 as per the CVSS v3.1 system, is a “missing authentication check” bug impacting SAP BusinessObjects Business Intelligence Platform versions 430 and […]