Mar 18, 2025Ravie LakshmananAI Security / Software Security Cybersecurity researchers have disclosed details of a new supply chain attack vector dubbed Rules File Backdoor that affects artificial intelligence (AI)-powered code editors like GitHub Copilot and Cursor, causing them to inject malicious code. "This technique enables hackers to silently compromise AI-generated code … [Read more...] about New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors
CODE
Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution
Mar 06, 2025Ravie LakshmananData Security / Software Security Elastic has rolled out security updates to address a critical security flaw impacting the Kibana data visualization dashboard software for Elasticsearch that could result in arbitrary code execution. The vulnerability, tracked as CVE-2025-25012, carries a CVSS score of 9.9 out of a maximum of 10.0. It has been … [Read more...] about Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution
Malicious code in fake GitHub repositories
Can you imagine a world where, every time you wanted to go somewhere, you had to reinvent the wheel and build a bicycle from scratch? We can’t either. Why reinvent something that already exists and works perfectly well? The same logic applies to programming: developers face routine tasks every day, and instead of inventing their own wheels and bicycles (which might even be not … [Read more...] about Malicious code in fake GitHub repositories
New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution
Feb 14, 2025Ravie LakshmananVulnerability / DevOps Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image (AMI) with a specific name to gain code execution within the Amazon Web Services (AWS) account. "If executed at scale, this attack could be used to gain access to thousands of … [Read more...] about New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution
Meta’s Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks
A high-severity security flaw has been disclosed in Meta's Llama large language model (LLM) framework that, if successfully exploited, could allow an attacker to execute arbitrary code on the llama-stack inference server. The vulnerability, tracked as CVE-2024-50050, has been assigned a CVSS score of 6.3 out of 10.0. Supply chain security firm Snyk, on the other hand, has … [Read more...] about Meta’s Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks
Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution
Jan 04, 2025Ravie LakshmananVulnerability / Software Security A high-severity security flaw has been disclosed in ProjectDiscovery's Nuclei, a widely-used open-source vulnerability scanner that, if successfully exploited, could allow attackers to bypass signature checks and potentially execute malicious code. Tracked as CVE-2024-43405, it carries a CVSS score of 7.4 out of a … [Read more...] about Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution
Building confidence through code: How Saarika Bhasi restarted her career in tech
Saarika Bhasi, now a software engineer II at Elastic, didn’t always envision herself in the tech industry. In fact, she was initially hesitant to commit to a career in software engineering. However, her passion for problem solving and building solutions from scratch sparked a deep interest in the field. “You can really develop something and see the result right in front of … [Read more...] about Building confidence through code: How Saarika Bhasi restarted her career in tech
Google Fixes GCP Composer Flaw That Could’ve Led to Remote Code Execution
Sep 16, 2024Ravie LakshmananCloud Security / Vulnerability A now-patched critical security flaw impacting Google Cloud Platform (GCP) Composer could have been exploited to achieve remote code execution on cloud servers by means of a supply chain attack technique called dependency confusion. The vulnerability has been codenamed CloudImposer by Tenable Research. "The … [Read more...] about Google Fixes GCP Composer Flaw That Could’ve Led to Remote Code Execution
New PHP Vulnerability Exposes Windows Servers to Remote Code Execution
Jun 08, 2024NewsroomVulnerability / Programming Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances. The vulnerability, tracked as CVE-2024-4577, has been described as a CGI argument injection vulnerability affecting all versions of PHP installed on the Windows operating … [Read more...] about New PHP Vulnerability Exposes Windows Servers to Remote Code Execution
Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution
May 06, 2024NewsroomVulnerability / Server Security More than 50% of the 90,310 hosts have been found exposing a Tinyproxy service on the internet that's vulnerable to a critical unpatched security flaw in the HTTP/HTTPS proxy tool. The issue, tracked as CVE-2023-49606, carries a CVSS score of 9.8 out of a maximum of 10, per Cisco Talos, which described it as a use-after-free … [Read more...] about Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution