221538 author: mjg@ack.nerdfight.online 13 Apr 13:55
https://metacpan.org/release/SHAY/perl-5.38.4/view/pod/perldelta.pod
tags: #cpan #perl #security #vulnerability

The Perl 5 Porters have released #Perl versions 5.40.2 and 5.38.4 to address CVE-2024-56406. It is believed that this #security #vulnerability can enable Denial of Service or Arbitrary Code Execution attacks on platforms that lack sufficient defenses.

You can soon download both from your favorite #CPAN mirror or find them at:

https://metacpan.org/release/SHAY/perl-5.40.2/

https://metacpan.org/release/SHAY/perl-5.38.4/

Changes are listed in their respective “perldelta” documents:

https://metacpan.org/release/SHAY/perl-5.40.2/view/pod/perldelta.pod

199706 author: greynoise@infosec.exchange 12 Mar 2025 20:41
https://www.greynoise.io/blog/new-ssrf-exploitation-surge
tags: #cybersecurity #greynoise #vulnerability

🚨 March 12 UPDATE: Grafana Exploitation May Signal Multi-Phase SSRF Attacks. Update + original analysis:

146653 author: leakix@mastodon.social 07 Jan 2025 14:18
tags: #cybersecurity #vscode #vulnerability

⚠️ During our scans we found ~70K applications exposing their VSCode SFTP config.

These are often critical and can include FTP/SSH credentials.

You can check this out here: https://leakix.net/search?q=%2Bplugin%3AVsCodeSFTPPlugin&scope=leak

141453 author: alexandreborges@infosec.exchange 31 Dec 2024 17:42
tags: #android #apple #cybersecurity #exploitation #hacking #informationsecurity #ios #reverseengineering #vulnerability

All videos from The 38th Chaos Communication Congress (38C3) 2024:

https://media.ccc.de/b/congress/2024