Hacker News with Generative AI: Vulnerability

MS's patch for symlink vulnerability introduces another symlink vulnerability (doublepulsar.com)
Microsoft recently patched CVE-2025-21204, a vuln which allows users to abuse symlinks to elevate privileges using the Windows servicing stack and the c:\inetpub folder.
What the Critical Erlang SSH Vulnerability Means for Elixir Developers (paraxial.io)
CVE-2025-32433, an Unauthenticated Remote Code Execution in Erlang/OTP SSH was announced yesterday.
Over 16,000 Fortinet devices compromised with symlink backdoor (bleepingcomputer.com)
Over 16,000 internet-exposed Fortinet devices have been detected as compromised with a new symlink backdoor that allows read-only access to sensitive files on previously compromised devices.
Recently I was targeted by a sophisticated (Google) phishing attack (threadreaderapp.com)
Recently I was targeted by an extremely sophisticated phishing attack, and I want to highlight it here. It exploits a vulnerability in Google's infrastructure, and given their refusal to fix it, we're likely to see it a lot more. Here's the email I got:
Microsoft fixes 124 flaws, including one under active exploitation (scworld.com)
Microsoft is experiencing a busy spring as it delivered 124 security vulnerability fixes to administrators in the latest edition of its Update Tuesday security release schedule.
One Bug Wasn't Enough: Escalating Twice Through SAP's Setuid Landscape (anvilsecure.com)
It's not every day you get a chance to one-up your CTO and co-founder of the company you work for. In 2020, Vincent Berg published a blog post describing a vulnerability he found affecting an SAP setuid binary while preparing for a client project. Combined with an insecure NFS configuration, he was able to compromise a dozen UNIX machines during that client engagement.
Max severity RCE flaw discovered in widely used Apache Parquet (bleepingcomputer.com)
A maximum severity remote code execution (RCE) vulnerability has been discovered impacting all versions of Apache Parquet up to and including 1.15.0.
Linux Kernel Defence Map – Security Hardening Concepts (github.com/a13xp0p0v)
Linux Kernel Defence Map shows the relationships between vulnerability classes, exploitation techniques, bug detection mechanisms, and defence technologies
Atop 2.11 heap problems (openwall.com)
CVE-2025-31160 Atop 2.11 heap problems
Mozilla warns Windows users of critical Firefox sandbox escape flaw (bleepingcomputer.com)
Mozilla has released Firefox 136.0.4 to patch a critical security vulnerability that can let attackers escape the web browser's sandbox on Windows systems.
Ungovernable, Capricious Life (nybooks.com)
The sense of vulnerability is crushing, but it is also one of the characteristics Kureishi reveals about himself that makes him so likable here, and the writing so intimate.
As an engineer, I'd rather be called stupid than stay silent (shiftmag.dev)
Letting myself be vulnerable and ask stupid questions actually helped me grow in my engineering career.
CVE-2024-9956 – PassKey Account Takeover in All Mobile Browsers (mastersplinter.work)
In this blogpost I will go over a vulnerability I found in all major mobile browsers that allowed an attacker within Bluetooth range to take over PassKeys accounts by triggering FIDO:/ intents.
CVE-2025-27363: out of bounds write in FreeType <= 2.13.0 (openwall.com)
An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font subglyph structures related to TrueType GX and variable font files.
Vulnerability in partner.microsoft.com allows unauthenticated access (nist.gov)
An improper access control vulnerability in Partner.Microsoft.com allows an unauthenticated attacker to elevate privileges over a network.
Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China [pdf] (gfw.report)
I hacked my company's SSO provider (mattsayar.com)
I never thought I'd stumble across a previously-undiscovered vulnerability, much less one in security software.
Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China (gfw.report)
We present Wallbleed, a buffer over-read vulnerability that existed in the DNS injection subsystem of the Great Firewall of China.
How to gain code execution on hundreds of millions of people and popular apps (kibty.town)
Musl Libc: input-controlled out-of-bounds write primitive in iconv (openwall.com)
A vulnerability has been identified in musl libc's implementation of iconv that can result in out-of-bounds memory writes in applications which process untrusted input using iconv and where the input charset for the conversion is input-controlled.
MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client (marc.info)
We discovered two vulnerabilities in OpenSSH:
Juniper Networks Routers API Authentication Bypass Vulnerability (juniper.net)
CVE-2025-26519: musl Libc: input-controlled out-of-bounds write (openwall.com)
A vulnerability has been identified in musl libc's implementation of iconv that can result in out-of-bounds memory writes in applications which process untrusted input using iconv and where the input charset for the conversion is input-controlled.
Router maker Zyxel tells customers to replace vulnerable hardware (techcrunch.com)
Taiwanese hardware maker Zyxel says it has no plans to release a patch for two actively exploited vulnerabilities affecting potentially thousands of customers.
AMD: Microcode Signature Verification Vulnerability (github.com/google)
Google Security Team has identified a security vulnerability in some AMD Zen-based CPUs. This vulnerability allows an adversary with local administrator privileges (ring 0 from outside a VM) to load malicious microcode patches. We have demonstrated the ability to craft arbitrary malicious microcode patches on Zen 1 through Zen 4 CPUs. The vulnerability is that the CPU uses an insecure hash function in the signature validation for microcode updates.
Yubico Issues Security Advisory as 2FA Bypass Vulnerability Confirmed (forbes.com)
Two-factor authentication has increasingly become a security essential over recent years, so when news of anything that can bypass those 2FA protections breaks, it’s not something you can ignore.
Apache fixes Traffic Control bug that attackers could exploit (scworld.com)
Apache’s maintainers on Dec. 23 released patches for a critical 9.9 vulnerability in the Traffic Ops component of Apache Traffic Control versions 8.0.0 and 8.0.1.
OpenOffice security issues unfixed in over 365 days, security status Amber (apache.org)
This was extracted (@ 2024-12-18 21:10) from a list of minutes which have been approved by the Board. Please Note The Board typically approves the minutes of the previous meeting at the beginning of every Board meeting; therefore, the list below does not normally contain details from the minutes of the most recent Board meeting.
Critical Apache Struts bug under active exploit (theregister.com)
A critical security hole in Apache Struts 2 – patched last week – is currently being exploited using publicly available proof-of-concept (PoC) code.
Devin AI security vulnerability discovered live on stream [video] (youtube.com)