Hacker News with Generative AI: Vulnerabilities

Zero Day in Microchip SAM Microcontrollers (recessim.com)
This write-up will cover analysis of the Microchip (ATMEL) SAM4C32 microcontroller vulnerability that allows an attacker to gain unlocked JTAG access to a previously locked device.

Security, Microcontrollers, Vulnerabilities, Hardware

59 points by BitBangingBytes 7 hours ago | 18 comments

Microsoft reports several bootloader vulnerabilities (microsoft.com)
By leveraging Microsoft Security Copilot to expedite the vulnerability discovery process, Microsoft Threat Intelligence uncovered several vulnerabilities in multiple open-source bootloaders, impacting all operating systems relying on Unified Extensible Firmware Interface (UEFI) Secure Boot as well as IoT devices.

Security, Vulnerabilities, Open Source, UEFI

19 points by hacknslack 2 days ago | 3 comments

Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX (wiz.io)
Wiz Research discovered CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974, a series of unauthenticated Remote Code Execution vulnerabilities in Ingress NGINX Controller for Kubernetes dubbed #IngressNightmare. Exploitation of these vulnerabilities leads to unauthorized access to all secrets stored across all namespaces in the Kubernetes cluster by attackers, which can result in cluster takeover. This attack vector has been assigned a CVSS v3.1 base score of 9.8.

Cybersecurity, Kubernetes, Vulnerabilities

79 points by puppion 9 days ago | 11 comments

RCE Vulnerabilities in K8s Ingress Nginx (9.8 CVE for ingress-Nginx) (wiz.io)
Wiz Research discovered CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974, a series of unauthenticated Remote Code Execution vulnerabilities in Ingress NGINX Controller for Kubernetes dubbed #IngressNightmare. Exploitation of these vulnerabilities leads to unauthorized access to all secrets stored across all namespaces in the Kubernetes cluster by attackers, which can result in cluster takeover. This attack vector has been assigned a CVSS v3.1 base score of 9.8.

Cybersecurity, Kubernetes, Vulnerabilities, Ingress Nginx

11 points by todsacerdoti 9 days ago | 1 comments

Leaking Passwords and more on macOS (wts.dev)
This article discusses a vulnerability, CVE-2024-54471, that was patched as part of the Apple security releases: macOS Sequoia 15.1, macOS Sonoma 14.7.1, and macOS Ventura 13.7.1 (all released on October 28th, 2024). If you use a macOS device and are not on one of these updated versions: update now!

Security, macOS, Vulnerabilities

325 points by nmgycombinator 13 days ago | 62 comments

Grease: An Open-Source Tool for Uncovering Hidden Vulnerabilities in Binary Code (galois.com)
Proactively and defensively ensuring the absence of vulnerabilities in binary code is crucial for deploying high-assurance systems. GREASE is an open-source tool leveraging under-constrained symbolic execution to help software reverse engineers analyze binaries and uncover hard-to-spot bugs, ultimately enhancing system security. This kind of binary analysis is especially important for systems that include COTS software that is only provided in binary form.

Security, Software Engineering, Open Source, Binary Analysis, Vulnerabilities

116 points by thinkmoore 13 days ago | 12 comments

Sign in as anyone: Bypassing SAML SSO authentication with parser differentials (github.blog)
Critical authentication bypass vulnerabilities (CVE-2025-25291 + CVE-2025-25292) were discovered in ruby-saml up to version 1.17.0. Attackers who are in possession of a single valid signature that was created with the key used to validate SAML responses or assertions of the targeted organization can use it to construct SAML assertions themselves and are in turn able to log in as any user.

Security, Authentication, SAML, Ruby, Vulnerabilities

312 points by campuscodi 18 days ago | 123 comments

Broadcom urges VMware customers to patch 'emergency' zero-day bugs (techcrunch.com)
U.S. technology giant Broadcom is warning that a trio of VMware vulnerabilities are being actively exploited by malicious hackers to compromise the networks of its corporate customers.

Cybersecurity, Software, Vulnerabilities, Zero-Day Exploits

5 points by jatwork 28 days ago | 0 comments

Threat posed by new VMware hyperjacking vulnerabilities is hard to overstate (arstechnica.com)
Three critical vulnerabilities in multiple virtual-machine products from VMware can give hackers unusually broad access to some of the most sensitive environments inside multiple customers’ networks, the company and outside researchers warned Tuesday.

Cybersecurity, VMware, Vulnerabilities, Security Research

7 points by jnord 29 days ago | 0 comments

Hash Denial-of-Service Attack in Multiple QUIC Implementations (github.com/ncc-pbottine)
This technical advisory describes a class of vulnerabilities affecting several QUIC implementations.

Security, Networking, QUIC, Vulnerabilities

4 points by weinzierl 33 days ago | 2 comments

Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China (gfw.report)
We present Wallbleed, a buffer over-read vulnerability that existed in the DNS injection subsystem of the Great Firewall of China.

Security, China, Networking, Vulnerabilities

8 points by bjin 36 days ago | 0 comments

An illustrated guide to the Kaminsky DNS vulnerability (2008) (unixwiz.net)
The big security news of Summer 2008 has been Dan Kaminsky's discovery of a serious vulnerability in DNS. This vulnerability could allow an attacker to redirect network clients to alternate servers of his own choosing, presumably for ill ends.

Security, Networking, DNS, Vulnerabilities

25 points by amidtheperf 37 days ago | 6 comments

Critical PostgreSQL bug tied to zero-day attack on US Treasury (theregister.com)
A high-severity SQL injection bug in the PostgreSQL interactive tool was exploited alongside the zero-day used to break into the US Treasury in December, researchers say.

Cybersecurity, Databases, Government, Vulnerabilities, Zero-Day Exploits

19 points by rntn 47 days ago | 11 comments

7-Zip 0-day was exploited in Russia's ongoing invasion of Ukraine (arstechnica.com)
Researchers said they recently discovered a zero-day vulnerability in the 7-Zip archiving utility that was actively exploited as part of Russia's ongoing invasion of Ukraine.

Cybersecurity, Ukraine, Russia, Software, Vulnerabilities

7 points by pitwin 56 days ago | 1 comments

7-Zip 0-day was exploited in Russia's ongoing invasion of Ukraine (arstechnica.com)
Researchers said they recently discovered a zero-day vulnerability in the 7-Zip archiving utility that was actively exploited as part of Russia's ongoing invasion of Ukraine.

Cybersecurity, Ukraine, Russia, 7-Zip, Vulnerabilities

12 points by LinuxBender 56 days ago | 1 comments

A look at the recent rsync vulnerability (lwn.net)

Security, Linux, Vulnerabilities

6 points by belter 58 days ago | 0 comments

Patient Monitor Contec CMS8000 Contains a Backdoor (cisa.gov)
This fact sheet details an analysis of three firmware package versions of the Contec CMS8000, a patient monitor used by the U.S. Healthcare and Public Health (HPH) sector. Analysts discovered that an embedded backdoor function with a hard-coded IP address, CWE – 912: Hidden Functionality (CVE-2025-0626), and functionality that enables patient data spillage, CWE – 359: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2025-0683), exists in all versions analyzed.

Cybersecurity, Healthcare, Vulnerabilities, Firmware, Backdoors

59 points by doener 61 days ago | 12 comments

Apple fixes this year's first actively exploited zero-day bug (bleepingcomputer.com)
Apple has released security updates to fix this year's first zero-day vulnerability, tagged as actively exploited in attacks targeting iPhone users.

Security, Apple, Vulnerabilities, Zero-day

6 points by croes 64 days ago | 0 comments

Over 660k Rsync servers exposed to code execution attacks (bleepingcomputer.com)
Over 660,000 exposed Rsync servers are potentially vulnerable to six new vulnerabilities, including a critical-severity heap-buffer overflow flaw that allows remote code execution on servers.

Security, Server Security, Vulnerabilities

20 points by nimar 76 days ago | 5 comments

Rsync vulnerabilities (openwall.com)
Two independent groups of researchers have identified a total of 6 vulnerabilities in rsync. In the most severe CVE, an attacker only requires anonymous read access to a rsync server, such as a public mirror, to execute arbitrary code on the machine the server is running on.

Security, Vulnerabilities, Software, Open Source

148 points by pavodive 78 days ago | 23 comments

Rsync: Vulnerabilities (openwall.com)
Two independent groups of researchers have identified a total of 6 vulnerabilities in rsync. In the most severe CVE, an attacker only requires anonymous read access to a rsync server, such as a public mirror, to execute arbitrary code on the machine the server is running on.

Security, Vulnerabilities, Software, Networking

32 points by todsacerdoti 78 days ago | 4 comments

Oasis Security Research Team Discovers Microsoft Azure MFA Bypass (oasis.security)
Oasis Security's research team uncovered a critical vulnerability in Microsoft's Multi-Factor Authentication (MFA) implementation, allowing attackers to bypass it and gain unauthorized access to the user’s account, including Outlook emails, OneDrive files, Teams chats, Azure Cloud, and more. Microsoft has more than 400 million paid Office 365 seats, making the consequences of this vulnerability far-reaching.

Cybersecurity, Microsoft Azure, MFA, Vulnerabilities, Cloud Security

33 points by doener 111 days ago | 43 comments

AMD's trusted execution environment blown wide open by new BadRAM attack (arstechnica.com)
One of the oldest maxims in hacking is that once an attacker has physical access to a device, it’s game over for its security.

Security, AMD, Hardware, Vulnerabilities, Hacking

144 points by alecco 113 days ago | 45 comments

Analyzing an iOS vulnerability that could expose sensitive data to attackers (jamf.com)
Jamf Threat Labs has discovered a bypass vulnerability in the Transparency, Consent and Control (TCC) subsystem in iOS that fails to notify users when another application tries to access sensitive information such as photos, GPS location, contacts and more. Read on to learn more about our findings.

Security, iOS, Vulnerabilities, Mobile Devices

8 points by edmn 113 days ago | 0 comments

Working with PaloAlto to identify CVE-2024-2550 (ac3.com.au)
AC3 are a secure managed services provider focused on building, running and security mission critical environments.

Security, Vulnerabilities, Managed Services

42 points by lidder86 122 days ago | 19 comments

Synology patches unannounced multiple zero-day vulnerabilities (synology.com)
The vulnerability reported in ZDI-CAN-25403 allows remote attackers to execute arbitrary code.

Security, Vulnerabilities, Zero-day, Synology, Patching

62 points by guiambros 125 days ago | 11 comments

7-Zip Remote Code Execution Vulnerability Analysis (CVE-2024-11477) [video] (youtube.com)

Security, Vulnerabilities, 7-Zip, Video

4 points by akyuu 126 days ago | 1 comments

Listen to the whispers: web timing attacks that work (portswigger.net)
Websites are riddled with timing oracles eager to divulge their innermost secrets. It's time we started listening to them.

Security, Web Development, Vulnerabilities

188 points by saikatsg 132 days ago | 33 comments

Ubuntu Linux impacted by decade-old 'needrestart' flaw that gives root (bleepingcomputer.com)
Five local privilege escalation (LPE) vulnerabilities have been discovered in the needrestart utility used by Ubuntu Linux, which was introduced over 10 years ago in version 21.04.

Security, Ubuntu, Linux, Vulnerabilities

14 points by gregjor 133 days ago | 7 comments

A new vulnerability on IPv6 parsing in linux (nist.gov)
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address

Security, Linux, Networking, Vulnerabilities

36 points by flyahn06 141 days ago | 5 comments