#codeinjection — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #codeinjection, aggregated by home.social.
-
SAP Patches Critical Flaws in Commerce Cloud and S/4HANA
SAP has patched a critical vulnerability in its Commerce Cloud and S/4HANA systems, warning that hackers could exploit the flaw to upload malicious code and take control of the application. This security gap, caused by a misconfigured Spring Security setup, put sensitive data and system integrity at risk.
#SapCommerceCloud #Cve202634263 #CodeInjection #ServersideCodeExecution #SpringSecurity
-
Du nutzt noch LinkedIn?
(Vielleicht sogar mit Windows?)
Dann lies hier mal aufmerksam den ganzen Artikel, wie Microsoft deinen PC manipuliert um dich zu überwachen!
Microsoft agiert hier äußerst "kreativ"!
"Microsoft Corporation’s LinkedIn is running a massive, global, and illegal spying operation on every computer that visits their website."
(...)
As part of the campaign in removing everyone from the market who might actually make use of the Digital Markets Act, **LinkedIn started injecting malicious code into the browsers of their users**, without their knowledge or their consent.
At the time of writing, this code downloads a list of 6,222 software products and brute-forces the detection of each one. The scan covers extensions with a combined user base of approximately 405 million people.
(...)
Because LinkedIn knows each visitor’s name, employer, and job title, every detected extension is matched to an identified individual. And because LinkedIn knows where each user works, these individual scans aggregate into detailed profiles of companies, institutions, and government agencies, revealing which software tools their employees use without the organization’s knowledge or consent."
https://browsergate.eu/executive-summary/
via
https://www.henning-uhle.eu/shorty-sagt/shorty-sagt-die-katastrophe-bei-linkedin
#LinkedIn #Microsoft #CodeInjection -
🖥️ Ah yes, the delightful pastime of injecting code into #macOS for absolutely no gain whatsoever! 💸 The author, who simply cannot stop talking about his unrelated love for a Windows tool, generously shares a step-by-step guide on achieving... well, nothing relevant. 🎯 Spoiler: it's all #fun and games until your Mac says "Goodnight, and good luck!" 🌙
https://mariozechner.at/posts/2024-07-20-macos-code-injection-fun/ #coding #codeinjection #techhumor #softwaredevelopment #HackerNews #ngated -
W jaki sposób exploit typu Content Injection może zniszczyć społeczność kultowej gry RTS?
StarCraft: Brood War i jego następca StarCraft 2 to ikony gatunku RTS (strategii czasu rzeczywistego) oraz jedne z najważniejszych gier komputerowych w historii, które od dekad cieszą się aktywną społecznością i profesjonalną sceną e-sportową. Jednak StarCraft 2 stoi obecnie przed poważnymi problemami, które zagrażają jego dalszemu rozwojowi i funkcjonowaniu gry....
-
Why Names Break Systems - Web systems are designed to be simple and reliable. Designing for the everyday per... - https://hackaday.com/2025/08/05/why-names-break-systems/ #securityhacks #codeinjection #sqlinjection #apostrophe #webdesign #unicode #ascii
-
🚨 ALERT 🚨: Someone figured out that your precious #Dependabot can be manipulated like a sneaky teenager with an unlimited credit card! 🤦♂️ Congratulations, now bots can help hackers throw a party in your codebase complete with command injection fireworks. 🎉 Keep pretending your #AppSec is secure, it'll be fun!
https://boostsecurity.io/blog/weaponizing-dependabot-pwn-request-at-its-finest #Vulnerability #CodeInjection #SecurityAlerts #HackerNews #HackerNews #ngated -
Someone copied our GitHub project, added stars, and injected malicious code
https://old.reddit.com/r/golang/comments/1jbzuot/someone_copied_our_github_project_made_it_look/
#HackerNews #GitHub #Security #CodeInjection #MaliciousCode #OpenSource #Community
-
Malicious NuGet Campaign Tricking Developers To Inject Malicious Code https://gbhackers.com/malicious-nuget-campaign-code-injection/ #supplychainattacks #CVE/vulnerability #CyberSecurityNews #CodeInjection #NuGetSecurity #CyberAttack #Malware
-
Eine dem Anbieter bereits bekannte Sicherheitslücke der Luca-App kann ausgenutzt werden, um Schadcode einzuschleusen – und so Gesundheitsämter lahmzulegen. Gefahr für Gesundheitsämter: Luca-App ermöglicht Code Injection -
Attack Using Fake Python Infrastructure
A sophisticated attack campaign was uncovered targeting the software supply chain and successfully exploiting multiple victims through account takeover, malicious code injection in repositories, and publishing of poisoned Python packages. The threat actors set up fake Python infrastructure to distribute malware that harvested sensitive data.
Pulse ID: 6602e45fbee5bc3d4c622ae3
Pulse Link: https://otx.alienvault.com/pulse/6602e45fbee5bc3d4c622ae3
Pulse Author: AlienVault
Created: 2024-03-26 15:06:07Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CodeInjection #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #Python #SupplyChain #bot #AlienVault
-
The malware strategically injects a specialized script tag into the victim’s browser, leading to an external script, enhancing the attack’s stealth by avoiding detection as simple loader scripts often are.
#Cybersecurity #Trojan #CodeInjection #IBM #JavaScript #Banking
-
The tagDiv plugin and the Newspaper theme are popular among WordPress users for their rich features and user-friendly design.
#WordPress #Cybersecurity #CodeInjection #Vulnerabilities #tagDiv #Plugins
https://cybersec84.wordpress.com/2023/10/10/new-balada-injector-attack-targets-wordpress-admins/
-
📬 Twitter sammelt Nutzerdaten von über 70.000 Webseiten
#Datenschutz #Internet #Amazon #Audi #CodeInjection #ElonMusk #RestrictedDataUsage #Spotify #TwitterPixel #Volkswagen https://tarnkappe.info/artikel/datenschutz/twitter-sammelt-nutzerdaten-von-ueber-70-000-webseiten-260669.html -
Hey #infosec/#appsec peeps...
Ever wanted to work on #videogames? :) Cheat devs are using #hypervisor mods to do hard-to-detect #codeinjection and in-memory modification.
#Bungie needs a low-level security engineer to help develop strategies that can be implemented in game clients running on compromised hardware to detect, mitigate, and run psyops on cheaters and cheat devs.
If you like adversarial work, it's pretty awesome. Come talk to me :)
-
Nachdem das Problem bereits bei Facebook und Instagram aufgedeckt worden war, hat sich ein Sicherheitsforscher nun auch den chinesischen Videodienst angesehen.
Auch TikTok-App soll mit internem iPhone-Browser spionieren können -
Eine Schwachstelle der Luca-App hätte ganze Gesundheitsämter lahmlegen können. Nun kommt auch Kritik vom Bundesamt für Sicherheit in der Informationstechnik. BSI kritisiert ebenfalls Luca-App: "Angriffs-Szenario plausibel"
-
:firefox: Browser: Mozilla härtet Firefox gegen Code-Injection
📌 Das Security-Team von Mozilla will den Firefox-Browser besser gegen Code-Injection-Lücken härten, verzichtet dafür auf Inline-Aufrufe in den eigenen About-Seiten und hat die Nutzung der eval()-Funktion überarbeitet.
#Browser #Mozilla #Firefox #codeinjection #CodeInjectionLücken #Internet
https://www.golem.de/news/browser-mozilla-haertet-firefox-gegen-code-injection-1910-144413.html
-
💉 #commandinjection is a type of #cyberattack that involves injecting malicious commands into a system through vulnerable input fields.
🔒🛡️ Protecting against it is crucial to prevent unauthorized access, #databreaches, and potential system compromise.
To learn more: https://bit.ly/45VGBah
#commandinjectionattack #codeinjection #injectionattacks #owasp #applicationsecurity #vulnerabilities #waap #waf #apptrana #indusface
-
💉 #commandinjection is a type of #cyberattack that involves injecting malicious commands into a system through vulnerable input fields.
🔒🛡️ Protecting against it is crucial to prevent unauthorized access, #databreaches, and potential system compromise.
To learn more: https://bit.ly/45VGBah
#commandinjectionattack #codeinjection #injectionattacks #owasp #applicationsecurity #vulnerabilities #waap #waf #apptrana #indusface
-
💉 #commandinjection is a type of #cyberattack that involves injecting malicious commands into a system through vulnerable input fields.
🔒🛡️ Protecting against it is crucial to prevent unauthorized access, #databreaches, and potential system compromise.
To learn more: https://bit.ly/45VGBah
#commandinjectionattack #codeinjection #injectionattacks #owasp #applicationsecurity #vulnerabilities #waap #waf #apptrana #indusface
-
The tagDiv plugin and the Newspaper theme are popular among WordPress users for their rich features and user-friendly design.
#WordPress #Cybersecurity #CodeInjection #Vulnerabilities #tagDiv #Plugins
https://cybersec84.wordpress.com/2023/10/10/new-balada-injector-attack-targets-wordpress-admins/
-
The tagDiv plugin and the Newspaper theme are popular among WordPress users for their rich features and user-friendly design.
#WordPress #Cybersecurity #CodeInjection #Vulnerabilities #tagDiv #Plugins
https://cybersec84.wordpress.com/2023/10/10/new-balada-injector-attack-targets-wordpress-admins/
-
The tagDiv plugin and the Newspaper theme are popular among WordPress users for their rich features and user-friendly design.
#WordPress #Cybersecurity #CodeInjection #Vulnerabilities #tagDiv #Plugins
https://cybersec84.wordpress.com/2023/10/10/new-balada-injector-attack-targets-wordpress-admins/
-
The tagDiv plugin and the Newspaper theme are popular among WordPress users for their rich features and user-friendly design.
#WordPress #Cybersecurity #CodeInjection #Vulnerabilities #tagDiv #Plugins
https://cybersec84.wordpress.com/2023/10/10/new-balada-injector-attack-targets-wordpress-admins/