No new npm packages compromised?
-
@starchturrets @cR0w noice, mom and dads malware sandbox got REKT
@ciaranmak @cR0w I'm not so sure how bad this is in comparison to the embargoed KVM one at https://xchglabs.com/blog/
-
@ciaranmak @cR0w I'm not so sure how bad this is in comparison to the embargoed KVM one at https://xchglabs.com/blog/
@starchturrets @cR0w I will report back because tbh if I don't end up out in the pub this evening I'm probably gonna test this one out
-
@starchturrets @cR0w I will report back because tbh if I don't end up out in the pub this evening I'm probably gonna test this one out
@ciaranmak @starchturrets @cR0w oh god yes. docker 0day. shoot that shit right into my veins
-
@ciaranmak @starchturrets @cR0w oh god yes. docker 0day. shoot that shit right into my veins
@Viss @ciaranmak @cR0w well runc isn't really a very strong boundary compared to gvisor or kata containers, so I'm not too worried there
-
No new npm packages compromised? No new Linux kernel 0days? Is everyone waiting for EOD or is Friday no longer the day to publish shenanigans?
-
No new npm packages compromised? No new Linux kernel 0days? Is everyone waiting for EOD or is Friday no longer the day to publish shenanigans?
Day ain't over yet.
-
No new npm packages compromised? No new Linux kernel 0days? Is everyone waiting for EOD or is Friday no longer the day to publish shenanigans?
@cR0w maybe all the fire is hiding some fire we don't know about
-
@cR0w maybe all the fire is hiding some fire we don't know about
@huronbikes You mean fire can grow?!
-
Day ain't over yet.
-
No new npm packages compromised? No new Linux kernel 0days? Is everyone waiting for EOD or is Friday no longer the day to publish shenanigans?
@cR0w darf asked nicely
-
No new npm packages compromised? No new Linux kernel 0days? Is everyone waiting for EOD or is Friday no longer the day to publish shenanigans?
@cR0w Gearing up for Monday morning...
-
@huronbikes You mean fire can grow?!
@cR0w I heard a rumor that it can but it's hard to confirm what with being on fire and all.
-
@cR0w darf asked nicely
@nyanbinary That doesn't sound like @darfplatypus ...
-
@nyanbinary That doesn't sound like @darfplatypus ...
@cR0w @nyanbinary
pending analysis. Sorry y'all. -
@badsamurai @NuclearOatmeal @cR0w zero days. zero days, erryday
-
No new npm packages compromised? No new Linux kernel 0days? Is everyone waiting for EOD or is Friday no longer the day to publish shenanigans?
@cR0w docker 0days coming, stuff embargoed atm. more npm tooooo https://xchglabs.com/blog/
-
@cR0w docker 0days coming, stuff embargoed atm. more npm tooooo https://xchglabs.com/blog/
@Viss I saw that but no timeline and no descriptions. Could be total bummers like a lot of the "coming soon" stuff from ZDI and Talos. Fingers crossed though.
-
Day ain't over yet.
-
@shellsharks @NuclearOatmeal In fairness, isn't OpenClaw basically like a Damn Vulnerable Agent for testing and learning at this point?
-
@shellsharks @NuclearOatmeal In fairness, isn't OpenClaw basically like a Damn Vulnerable Agent for testing and learning at this point?
@cR0w @NuclearOatmeal Yeah if DVWA was installed on thousands of endpoints and *checks notes* also exposed to the Internet
https://protean-labs.io/blog/researchers-find-thousands-of-openclaw-instances-exposed
