Skip to main content

Tag: code injection

10 articles

Network equipment and security appliance in a secure facility setup.

SonicWall Disrupts Zero-Day Attacks with Urgent Patch for SMA1000 Flaws

SonicWall has issued a critical patch to combat zero-day attacks exploiting two vulnerabilities in its SMA1000 line, with attackers already taking advantage of these flaws in the wild. The company urges immediate action to prevent further damage from these actively exploited security gaps.

Analyst 207
Developer workstation with laptop, terminal, and papers, in a research area with a blurred background.

AI Coding Assistants Exposed to Symlink Flaw

Researchers uncovered a major vulnerability, dubbed GhostApproval, that affects six popular AI coding assistants, allowing attackers to manipulate the code and write malicious data into sensitive files. This flaw uses a clever trick involving deceptively named files and symbolic links to catch AI assistants off guard.

Analyst 207
Developer workstation with coding interface on laptop amidst office surroundings.

AI Coding Assistants Exposed to HalluSquatting Botnet Attack

Researchers have uncovered a sneaky new attack method called HalluSquatting that targets AI coding assistants, exploiting their tendency to invent names and run code with minimal human oversight. This clever tactic chains together AI behaviors like hallucination and prompt injection to deliver malware efficiently.

Analyst 207
CISA Warns of Active Exploitation of Lantronix EDS5000 Flaw

CISA Warns of Active Exploitation of Lantronix EDS5000 Flaw

A critical code-injection flaw, CVE-2025-67038, has been discovered in Lantronix EDS5000 Series devices, allowing attackers to inject arbitrary OS commands with root privileges due to a lack of input sanitization in the HTTP RPC module. This vulnerability has a CVSS score of 9.8, indicating a high severity level.

Analyst 207
Developer workstation with laptop, code, and git terminal, surrounded by coffee cup and notes in soft daylight.

Gogs Vulnerability Exposes Remote Code Execution Risk

A newly discovered vulnerability in Gogs puts servers at risk of remote code execution, allowing any authenticated user to inject malicious code through a simple pull request. By crafting a malicious branch name, attackers can exploit the --exec flag in git rebase to run unauthorized shell commands.

Analyst 207
Developer workstation with VS Code on laptop and monitor, subtle security threat hinted in background.

GitHub Breach Exposes 3800 Repositories via Poisoned VS Code Extension

A malicious Visual Studio Code extension, Nx Console, was briefly listed on official registries and used to breach GitHub, exposing approximately 3,800 internal repositories to unauthorized access. The popular extension, with 2.2 million installs, was compromised for just 18 minutes, but long enough to cause significant damage.

Analyst 207
Developer workstation with laptop and office supplies in a bright, minimalist room.

Claude Code Attack Persists Through Token Rotation Flaw

A surprising lack of resistance to a proof-of-concept attack has exposed a vulnerability in Claude Code, allowing a five-step attack chain that can turn routine token rotation into a continuous compromise. This exploit requires just one malicious npm package and the ability to run code on a developer's machine, making it a concerning threat.

Analyst 207
Rows of computer servers and storage equipment in a brightly-lit data center setting.

SAP Patches Critical Flaws in Commerce Cloud and S/4HANA

SAP has patched a critical vulnerability in its Commerce Cloud and S/4HANA systems, warning that hackers could exploit the flaw to upload malicious code and take control of the application. This security gap, caused by a misconfigured Spring Security setup, put sensitive data and system integrity at risk.

Analyst 207
Rows of computer servers in a secure data center with subtle coding hints.

GitHub swiftly patches flaw exposing millions of private repos

GitHub quickly squashed a massive security flaw, CVE-2026-3854, that could have let hackers access millions of private repositories with just one sneaky git push. The vulnerability allowed attackers to inject malicious code by exploiting how GitHub handled user-supplied options during git push operations.

Analyst 207
Dimly lit server room with a lone exposed server and tangled cables.

Apache ActiveMQ Vulnerability Exploited, Hits 6,400 Servers

More than 6,400 publicly accessible Apache ActiveMQ servers are under attack, thanks to a high-severity code injection vulnerability that's being actively exploited. Is your server among them?

Analyst 207