[RSS] Dell ControlVault, Lasso, GL.iNet vulnerabilities

https://blog.talosintelligence.com/dell-controlvault-lasso-gl-inet-vulnerabilities/

[RSS] Prepared Statements? Prepared to Be Vulnerable.

https://blog.mantrainfosec.com/blog/18/prepared-statements-prepared-to-be-vulnerable

#nodejs

When giving #infosec advice it's easy to forget that the average person probably only knows about Uniform Resource Locators and the Domain Name System.

And Public Key Infrastructure of course.

@joeycastillo "Uncle Sam has to borrow $207 by Friday so he can drink through the weekend"

Github actions yeah but what about Github consequences

Kid: "Yeah, that computer must have been old, it even had a CD-drive!"

#fml

ooh, I like this:
https://www.hacklore.org/letter

AdTech should hire the dev who implemented the tab mute button in #Firefox. This damn thing attracts my cursor like a rare-earth magnet!

https://kagi.com/search?q=firefox+disable+tab+mute&r=no_region&sh=sz8XiYwKHp4PD09ExTXGuw

Scovilles per pigeon

Really big scoop (I don't think @briankrebs knows how big yet) here - he's tracked down somebody who says they are Rey from Lapsus$.

I don't wanna say why yet as I don't have all the pieces of the jigsaw, but I imagine this is going to turn into a long thread over time.

https://krebsonsecurity.com/2025/11/meet-rey-the-admin-of-scattered-lapsus-hunters/

@cR0w

well strlen() returns the amount of bytes so in this regard multibyte characters are not really an issue per see.

https://gitlab.gnome.org/GNOME/glib/-/blob/f28340ee62c655487972ad3c632d231ee098fb7f/glib/gconvert.c#L1318 defines a char array of acceptable (meaning ASCII) characters.

Then it iterates over the dynamically allocated buffer and keeps track of the amount of "unacceptable" characters.

unacceptable was a gint (https://docs.gtk.org/glib/types.html#gint) which could therefore overflow.

To me it does look like glib could use some refactoring.

https://gitlab.gnome.org/GNOME/glib/-/commit/f28340ee62c655487972ad3c632d231ee098fb7f

I just dug through a 9MB JSON to find a direct message I sent here, only to find the corresponding object link to be non-existent. Fortunately I had an accurate timestamp, that helped me dig up the message on the UI after about 5 minutes of constant scrolling.

All this because some genius thought that preventing me from searching my own stuff will prevent online harassment.

#Akkoma #Mastodon #search

@david_chisnall @itsfoss Mandatory background link about the scanner incident and the USB Cart of Death by Raymond Chen:

https://devblogs.microsoft.com/oldnewthing/20240521-00/?p=109786

The Correct Incantation

#webcomic #krita #miniFantasyTheater

Neat vuln in Fail2Ban.

https://gist.github.com/R-Security/1c707a08f9c7f9a91d9d84b5010aaed2

Fail2Ban 0.11.2 contains a vulnerability that allows an attacker with the ability to influence logged input (e.g., authentication logs, service logs processed by Fail2Ban filters) to inject specially crafted patterns that lead to command execution within the Fail2Ban action processing pipeline.

Because Fail2Ban actions typically run with root privileges, this can result in privilege escalation, allowing an attacker to execute commands with elevated permissions.

The issue arises from insufficient sanitization of variables passed into action scripts under certain configurations, allowing malicious input to propagate into shell execution.

That's an avenue that I admit I hadn't thought to check before. Seems so simple though.

https://access.redhat.com/security/cve/CVE-2025-13601

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.

VSCode doesn't know the powers I possess!

Using a Pixel with GrapheneOS that features Inactivity Reboot, MTE, and more? — You must be a drug dealer. 🚨

Using an iPhone 17, which now also ships with EMTE, Inactivity Reboot, SPTM, TXM, Conclaves, ...? — Oh, just the average Apple fangirl/boy who gets a new device every year due to camera improvements. ✅

GrapheneOS released some innovative mitigations prior to Apple. Yet, it needs Big Tech to apply such ideas and make phones more secure at scale.

https://www.golem.de/news/grapheneos-verlaesst-ovh-frankreich-ist-kein-sicheres-land-fuer-privacy-projekte-2511-202570.html

Abstract verbalizations about personal liberty, freedom of the press, and so on, will not be convincing in most parts of the world.