VulnHub

Cloudflare has patched a vulnerability in its Web Application Firewall (WAF) that could allow attackers to bypass security measures and gain direct access to servers. This vulnerability was identified by researchers from FearsOff in October and reported through Cloudflare's bug bounty program. Companies using Cloudflare’s WAF should be aware that this issue posed a risk of unauthorized access to their systems. The patch has been released to mitigate this risk, and it’s crucial for users to apply the updates promptly to ensure their applications remain secure. Staying ahead of such vulnerabilities is essential for maintaining the integrity of web applications.

Cloudflare recently addressed a vulnerability in its ACME validation logic that could allow attackers to bypass security measures and access protected origin servers. The flaw was linked to how Cloudflare's edge servers processed requests directed at the /.well-known/acme-challenge/ path. If exploited, this could potentially grant unauthorized access to sensitive data or services hosted on those servers. The fix is crucial for organizations relying on Cloudflare for security, as it strengthens the integrity of their server access protocols. Users and administrators should ensure their systems are updated to mitigate any risks associated with this vulnerability.

GitLab has issued a security patch for a serious vulnerability that allows attackers to bypass two-factor authentication (2FA) in both its community and enterprise editions. This flaw could potentially give unauthorized users access to sensitive accounts if exploited. Additionally, GitLab addressed issues related to denial-of-service (DoS) attacks, which could disrupt services for legitimate users. The company advises all users to update their systems promptly to mitigate these risks. This situation emphasizes the importance of keeping software up to date to protect against emerging threats.

A security lapse at a Carlsberg exhibition exposed attendees' personal information due to a poorly secured wristband system. This system allowed unauthorized access to sensitive data, such as visitor photos, videos, and full names. Despite attempts by a researcher to report the vulnerability, their concerns were ignored for several months, raising questions about the company's response to security issues. The incident underscores the need for better data protection practices, especially at public events where personal information is collected. This breach not only affects the individuals whose data was exposed but also damages Carlsberg's reputation as a secure event organizer.

TP-Link has addressed a serious vulnerability in its VIGI C and VIGI InSight camera models that allowed remote access to surveillance systems. This flaw, identified as CVE-2026-0629, has a CVSS score of 8.7, indicating high severity. Over 32 models were affected, with more than 2,500 devices exposed to the internet and potentially at risk of being hacked. Attackers could exploit this vulnerability to bypass local network restrictions, putting users' security and privacy in jeopardy. The fix for this issue is crucial for ensuring the safety of surveillance operations for both businesses and individuals who rely on these cameras.

Researchers have identified three vulnerabilities in Anthropic's Git server for the MCP that can be exploited through prompt injection. This type of attack allows malicious actors to manipulate input prompts, potentially leading to unauthorized actions or data exposure. The vulnerabilities pose a risk to users of the MCP server, as they could be exploited if left unaddressed. It’s crucial for organizations using this Git server to remain vigilant and apply necessary updates to mitigate these risks. The disclosure of these vulnerabilities serves as a reminder of the ongoing security challenges in software development environments.

The article discusses several key cybersecurity issues, including the MongoBleed vulnerability, which affected MongoDB databases by allowing unauthorized access to sensitive data. Researchers pointed out that this incident serves as a reminder for developers to adhere to secure coding practices. The article also references the CWE Top 25, a list of common vulnerabilities that developers should be aware of, emphasizing the importance of addressing these weaknesses in software. Additionally, it touches on secure coding benchmarks that can help prevent such vulnerabilities in the future. Overall, the piece stresses the need for ongoing education and vigilance in software development to protect against these threats.

A vulnerability affecting TP-Link's VIGI cameras has been patched after a researcher identified over 2,500 devices that were exposed to potential remote hacking. This flaw allowed unauthorized access to the cameras, raising serious security concerns for users. The issue underscores the risks associated with Internet of Things (IoT) devices, which are often targeted due to their connectivity and sometimes weak security measures. Users of VIGI cameras should ensure they apply the latest updates from TP-Link to protect their devices from exploitation. This incident serves as a reminder for all IoT device owners to regularly check for firmware updates and vulnerabilities.

Researchers at Miggo Security discovered a vulnerability in Google Gemini that allows attackers to exploit calendar invites to extract private user data. This flaw enables a silent attack method, where the malicious actor can trick the AI into leaking sensitive information without raising alarms. The implications of this vulnerability are significant, as it could compromise users' personal schedules and confidential details stored within their calendar apps. Google users relying on Gemini for scheduling and other functions may be particularly at risk. It's crucial for users and organizations to be aware of this issue and take necessary precautions to safeguard their data.

Researchers have identified a cross-site scripting (XSS) vulnerability in the control panel of StealC, a malware used for stealing information. This flaw allowed the researchers to monitor the activities of the threat actor behind the malware, including capturing system fingerprints and tracking active sessions. The discovery is significant as it provides a rare glimpse into the operations of cybercriminals who utilize this malware. Understanding how these operators function can aid in developing better defenses against such threats. As StealC continues to be a tool for attackers, this vulnerability highlights the ongoing risks associated with information-stealing malware.