#Tag
⚠️ Cisco must share more information about effects of severe bugs on businesses, senator says / @therecord_media
「 U.S. Sen. Bill Cassidy wrote to Cisco CEO Chuck Robbins about CVE-2025-30333 and CVE-2025-20362, vulnerabilities that caused alarm three weeks ago when federal civilian agencies were given just one day to address them 」
https://therecord.media/cisco-asa-vulnerabilities-sen-bill-cassidy-questions
CamoLeak: Critical GitHub #Copilot #Vulnerability Leaks Private Source Code
「 allowed silent exfiltration of secrets and source code from private repos, and gave me full control over Copilot’s responses, including suggesting malicious code or links.
The attack combined a novel CSP bypass using GitHub’s own infrastructure with remote prompt injection. I reported it via HackerOne, and GitHub fixed it by disabling image rendering in Copilot Chat completely 」
CamoLeak: Critical GitHub #Copilot #Vulnerability Leaks Private Source Code
「 allowed silent exfiltration of secrets and source code from private repos, and gave me full control over Copilot’s responses, including suggesting malicious code or links.
The attack combined a novel CSP bypass using GitHub’s own infrastructure with remote prompt injection. I reported it via HackerOne, and GitHub fixed it by disabling image rendering in Copilot Chat completely 」
We've released #Hollo 0.6.12 to fix a critical privacy #vulnerability where direct messages were being exposed in the replies section of public posts. Please update your instances immediately to ensure your private conversations remain private.
🍔 Just collabed with @BobTheShoplifter on a MASSIVE SECURITY BREACH: We exposed how Restaurant Brands International (Burger King, Tim Hortons, Popeyes) left their drive-thru systems etc completely vulnerable.
🎯 What we found:
• Unauthenticated API access to ALL drive-thru locations globally
• Drive-thru voice recordings of customers accessible
• Employee PII exposed.
• Bathroom feedback systems with zero auth
• Hardcoded passwords in client-side code
The scope was insane - we could access any drive-thru system globally. Even listen to your actual drive-thru orders 👂
Credit to RBI for lightning-fast response once disclosed, but the privacy implications were staggering.
Full technical breakdown: https://bobdahacker.com/blog/rbi-hacked-drive-thrus
#InfoSec#CyberSecurity#ResponsibleDisclosure#Privacy#GDPR#API#GraphQL#SecurityResearch#VulnDisclosure#RestaurantBrands#BurgerKing#TimHortons#Popeyes #vulnerability
🍔 Just collabed with @BobTheShoplifter on a MASSIVE SECURITY BREACH: We exposed how Restaurant Brands International (Burger King, Tim Hortons, Popeyes) left their drive-thru systems etc completely vulnerable.
🎯 What we found:
• Unauthenticated API access to ALL drive-thru locations globally
• Drive-thru voice recordings of customers accessible
• Employee PII exposed.
• Bathroom feedback systems with zero auth
• Hardcoded passwords in client-side code
The scope was insane - we could access any drive-thru system globally. Even listen to your actual drive-thru orders 👂
Credit to RBI for lightning-fast response once disclosed, but the privacy implications were staggering.
Full technical breakdown: https://bobdahacker.com/blog/rbi-hacked-drive-thrus
#InfoSec#CyberSecurity#ResponsibleDisclosure#Privacy#GDPR#API#GraphQL#SecurityResearch#VulnDisclosure#RestaurantBrands#BurgerKing#TimHortons#Popeyes #vulnerability
Interesting #vulnerability research writeup (that was published a few months ago)
Compromising #OpenWrt Supply Chain via Truncated SHA-256 Collision and Command Injection
https://flatt.tech/research/posts/compromising-openwrt-supply-chain-sha256-collision/#fnref:2
Here's my new article on how I escalated a CSS injection to remote code execution on a Google app. Enjoy!
Here's my new article on how I escalated a CSS injection to remote code execution on a Google app. Enjoy!
Interesting #vulnerability research writeup (that was published a few months ago)
Compromising #OpenWrt Supply Chain via Truncated SHA-256 Collision and Command Injection
https://flatt.tech/research/posts/compromising-openwrt-supply-chain-sha256-collision/#fnref:2
Hacked Monster Energy 💀
They think their customers are "lower income Caucasian males (skews Hispanic)" and left their ENTIRE file system exposed.
https://bobdahacker.com/blog/monster-energy
#InfoSec#Security#DataBreach#MonsterEnergy#Vulnerability#CyberSecurity#ResponsibleDisclosure#BugBounty
Hacked Monster Energy 💀
They think their customers are "lower income Caucasian males (skews Hispanic)" and left their ENTIRE file system exposed.
https://bobdahacker.com/blog/monster-energy
#InfoSec#Security#DataBreach#MonsterEnergy#Vulnerability#CyberSecurity#ResponsibleDisclosure#BugBounty
I received an email earlier this week from EA asking if I wanted to be added to a public acknowledgement page they were creating for individuals who responsibly disclosed vulnerabilities to them.
For all the shit people give EA, of the 100+ companies I contacted in the last two years, they were the only company I would say had a decent incident response.
They fixed the issue within 12 hours after validating it as critical, and proactively provided me multiple updates over time.
When the IR was done on their side, they reached out again with some more information about the potential impact if the issue hadn't been solved quickly, and also offered me a reward.
I did not have to keep chasing anyone for updates, I wasn't asked for non-disclosure, or offered money in exchange for it, and people replied instead of ignoring me.
I wasn't blamed for their mistake, either, or reported to the authorities.
Unfortunately, at least one or multiple of the things mentioned above are present in most of my other incidents reported; it's a real shit show out there.
#cybersecurity #infosec #responsibledisclosure #vulnerability #ea #electronicarts
🍔 Found huge security flaws in McDonald's - crew members could access sites reserved for corporate employees with internal functions, API keys exposed, and more. Had to call their HQ and pretend to know people just to report it 🤦
Technical details:
They fixed it but fired my friend who helped find the OAuth vulnerabilities.
Full Technical Writeup: https://bobdahacker.com/blog/mcdonalds-security-vulnerabilities
#infosec #bugbountry #responsibledisclosure #security #cybersecurity #hacking #vulnerability
🍔 Found huge security flaws in McDonald's - crew members could access sites reserved for corporate employees with internal functions, API keys exposed, and more. Had to call their HQ and pretend to know people just to report it 🤦
Technical details:
They fixed it but fired my friend who helped find the OAuth vulnerabilities.
Full Technical Writeup: https://bobdahacker.com/blog/mcdonalds-security-vulnerabilities
#infosec #bugbountry #responsibledisclosure #security #cybersecurity #hacking #vulnerability
We've released #security updates for #Hollo (0.4.12, 0.5.7, and 0.6.6) to address a #vulnerability in the underlying #Fedify framework. These updates incorporate the latest Fedify security patches that fix CVE-2025-54888.
We strongly recommend all Hollo instance administrators update to the latest version for their respective release branch as soon as possible.
Update Instructions:
docker pull ghcr.io/fedify-dev/hollo:latest and restart your containersgit pull to get the latest code, then pnpm install and restart your serviceAll #Fedify users must immediately update to the latest patched versions. A #critical authentication bypass #vulnerability (CVE-2025-54888) has been discovered in Fedify that allows attackers to impersonate any #ActivityPub actor by sending forged activities signed with their own keys.
This vulnerability affects all Fedify instances and enables complete actor impersonation across the federation network. Attackers can send fake posts and messages as any user, create or remove follows as any user, boost and share content as any user, and completely compromise the federation trust model. The vulnerability affects all Fedify instances but does not propagate to other ActivityPub implementations like Mastodon, which properly validate authentication before processing activities.
The following versions contain the #security fix: 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9, and 1.8.5. Users should update immediately using their package manager with commands such as npm update @fedify/fedify, yarn upgrade @fedify/fedify, pnpm update @fedify/fedify, bun update @fedify/fedify, or deno update @fedify/fedify.
After updating, redeploy your application immediately and monitor recent activities for any suspicious content. Please also inform other Fedify operators about this critical update to ensure the security of the entire federation network.
The safety and security of our community depends on immediate action. Please update now and feel free to leave comments below if you have any questions.
A space for Bonfire maintainers and contributors to communicate
