Hacker News with Generative AI: Vulnerability

Accessing private GitHub repositories via MCP (invariantlabs.ai)
Invariant has discovered a critical vulnerability affecting the widely-used GitHub MCP integration (14k stars on GitHub). The vulnerability allows an attacker to hijack a user's agent via a malicious GitHub Issue, and coerce it into leaking data from private repositories.

Security, GitHub, Software, Vulnerability

110 points by gokhan 32 days ago | 1 comments

GitHub MCP exploited: Accessing private repositories via MCP (invariantlabs.ai)
Invariant has discovered a critical vulnerability affecting the widely-used GitHub MCP integration (14k stars on GitHub). The vulnerability allows an attacker to hijack a user's agent via a malicious GitHub Issue, and coerce it into leaking data from private repositories.

Security, GitHub, Software, Vulnerability

508 points by andy99 32 days ago | 297 comments

Critical Samlify SSO flaw lets attackers log in as admin (bleepingcomputer.com)
A critical Samlify authentication bypass vulnerability has been discovered that allows attackers to impersonate admin users by injecting unsigned malicious assertions into legitimately signed SAML responses.

Security, Vulnerability, SAML, Authentication, Cybersecurity

4 points by noleary 36 days ago | 0 comments

CRLF Injection in `–proxy-header` allows extra HTTP headers (CWE-93) (hackerone.com)

Security, HTTP, Vulnerability, Web Development, CWE

11 points by oblivionsage 38 days ago | 17 comments

Could SSL.com's Latest Vulnerability Lead to Browser Distrust? (trackssl.com)
Earlier this month, we covered the initial report of a critical vulnerability at SSL.com, a widely trusted Certificate Authority (CA).

Cybersecurity, SSL/TLS, Trust, Vulnerability, Certificate Authority

3 points by colinbartlett 41 days ago | 0 comments

Oracle VM VirtualBox – VM Escape via VGA Device (github.com/google)
An integer overflow vulnerability exists within the VirtualBox vmsvga3dSurfaceMipBufferSize [source] function. This vulnerability allows an attacker to manipulate a malloc call such that 0 bytes are allocated while VirtualBox tracks the size of the buffer as a value greater than 0.

Security, Virtualization, Vulnerability, Oracle, VirtualBox

93 points by serhack_ 43 days ago | 47 comments

MS's patch for symlink vulnerability introduces another symlink vulnerability (doublepulsar.com)
Microsoft recently patched CVE-2025–21204, a vuln which allows users to abuse symlinks to elevate privileges using the Windows servicing stack and the c:\inetpub folder.

Security, Microsoft, Vulnerability, Symlinks

8 points by croes 65 days ago | 0 comments

What the Critical Erlang SSH Vulnerability Means for Elixir Developers (paraxial.io)
CVE-2025-32433, an Unauthenticated Remote Code Execution in Erlang/OTP SSH was announced yesterday.

Security, Erlang, Elixir, Programming Languages, Vulnerability

4 points by realcorvus 71 days ago | 0 comments

Over 16,000 Fortinet devices compromised with symlink backdoor (bleepingcomputer.com)
Over 16,000 internet-exposed Fortinet devices have been detected as compromised with a new symlink backdoor that allows read-only access to sensitive files on previously compromised devices.

Cybersecurity, Fortinet, Vulnerability, Backdoors

8 points by gnabgib 72 days ago | 0 comments

Recently I was targeted by an sophisticated (Google) phishing attack (threadreaderapp.com)
Recently I was targeted by an extremely sophisticated phishing attack, and I want to highlight it here. It exploits a vulnerability in Google's infrastructure, and given their refusal to fix it, we're likely to see it a lot more. Here's the email I got:

Phishing, Google, Security, Vulnerability

5 points by mikexstudios 72 days ago | 1 comments

Microsoft fixes 124 flaws, including one under active exploitation (scworld.com)
Microsoft is experiencing a busy spring as it delivered 124 security vulnerability fixes to administrators in the latest edition of its Update Tuesday security release schedule.

Security, Software, Microsoft, Vulnerability, Patching

10 points by LinuxBender 79 days ago | 1 comments

One Bug Wasn't Enough: Escalating Twice Through SAP's Setuid Landscape (anvilsecure.com)
It's not every day you get a chance to one-up your CTO and co-founder of the company you work for. In 2020, Vincent Berg published a blog post describing a vulnerability he found affecting an SAP setuid binary while preparing for a client project. Combined with an insecure NFS configuration, he was able to compromise a dozen UNIX machines during that client engagement.

Security, Software, Vulnerability, SAP

73 points by tlxio 79 days ago | 9 comments

Max severity RCE flaw discovered in widely used Apache Parquet (bleepingcomputer.com)
A maximum severity remote code execution (RCE) vulnerability has been discovered impacting all versions of Apache Parquet up to and including 1.15.0.

Security, Apache Parquet, Vulnerability

174 points by andy99 82 days ago | 78 comments

Linux Kernel Defence Map – Security Hardening Concepts (github.com/a13xp0p0v)
Linux Kernel Defence Map shows the relationships between vulnerability classes, exploitation techniques, bug detection mechanisms, and defence technologies

Linux, Security, Kernel, Vulnerability, Defense

158 points by transpute 83 days ago | 20 comments

Atop 2.11 heap problems (openwall.com)
CVE-2025-31160 Atop 2.11 heap problems

Security, Software, Vulnerability

170 points by baggy_trough 90 days ago | 81 comments

Mozilla warns Windows users of critical Firefox sandbox escape flaw (bleepingcomputer.com)
Mozilla has released Firefox 136.0.4 to patch a critical security vulnerability that can let attackers escape the web browser's sandbox on Windows systems.

Security, Firefox, Windows, Software, Vulnerability

6 points by akyuu 92 days ago | 2 comments

Ungovernable, Capricious Life (nybooks.com)
The sense of vulnerability is crushing, but it is also one of the characteristics Kureishi reveals about himself that makes him so likable here, and the writing so intimate.

Vulnerability, Writing, Biography, Literature, Personal Essays

6 points by mitchbob 95 days ago | 7 comments

As an engineer, I'd rather be called stupid than stay silent (shiftmag.dev)
Letting myself be vulnerable and ask stupid questions actually helped me grow in my engineering career.

Engineering, Vulnerability, Growth, Communication

41 points by codeman001 99 days ago | 14 comments

CVE-2024-9956 – PassKey Account Takeover in All Mobile Browsers (mastersplinter.work)
In this blogpost I will go over a vulnerability I found in all major mobile browsers that allowed an attacker within Bluetooth range to take over PassKeys accounts by triggering FIDO:/ intents.

Security, Mobile Browsers, Vulnerability, Bluetooth

243 points by rbanffy 101 days ago | 116 comments

CVE-2025-27363: out of bounds write in FreeType <= 2.13.0 (openwall.com)
An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font subglyph structures related to TrueType GX and variable font files.

Security, Software, Vulnerability, FreeType

6 points by mmsc 106 days ago | 1 comments

Vulnerability in partner.microsoft.com allows unauthenticated access (nist.gov)
An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network.

Cybersecurity, Microsoft, Vulnerability

18 points by speckx 114 days ago | 0 comments

Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China [pdf] (gfw.report)

Cybersecurity, China, Vulnerability, Network Security

10 points by luu 114 days ago | 0 comments

I hacked my company's SSO provider (mattsayar.com)
I never thought I'd stumble across a previously-undiscovered vulnerability, much less one in security software.

Security, Hacking, Software, Vulnerability

20 points by MattSayar 115 days ago | 6 comments

Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China (gfw.report)
We present Wallbleed, a buffer over-read vulnerability that existed in the DNS injection subsystem of the Great Firewall of China.

Security, China, Network Security, Vulnerability

14 points by complexpass 116 days ago | 0 comments

How to gain code execution on hundreds of millions of people and popular apps (kibty.town)

Security, Hacking, Software, Vulnerability, Code Execution

1156 points by xyzeva 119 days ago | 319 comments

Musl Libc: input-controlled out-of-bounds write primitive in iconv (openwall.com)
A vulnerability has been identified in musl libc's implementation of iconv that can result in out-of-bounds memory writes in applications which process untrusted input using iconv and where the input charset for the conversion is input-controlled.

Security, Software, Vulnerability, Linux

7 points by sgammon 120 days ago | 0 comments

MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client (marc.info)
We discovered two vulnerabilities in OpenSSH:

Security, OpenSSH, Vulnerability

6 points by birdculture 129 days ago | 0 comments

Juniper Networks Routers API Authentication Bypass Vulnerability (juniper.net)
Loading×Sorry to interruptCSS ErrorRefresh

Cybersecurity, Network Security, Vulnerability, Juniper Networks, Routers

3 points by zdw 129 days ago | 0 comments

CVE-2025-26519: musl Libc: input-controlled out-of-bounds write (openwall.com)
A vulnerability has been identified in musl libc's implementation of iconv that can result in out-of-bounds memory writes in applications which process untrusted input using iconv and where the input charset for the conversion is input-controlled.

Security, Software, Vulnerability, Linux

12 points by fossdd 134 days ago | 1 comments

Router maker Zyxel tells customers to replace vulnerable hardware (techcrunch.com)
Taiwanese hardware maker Zyxel says it has no plans to release a patch for two actively exploited vulnerabilities affecting potentially thousands of customers.

Cybersecurity, Hardware, Vulnerability, Taiwan

4 points by impish9208 142 days ago | 1 comments