Notices by leakix (leakix@mastodon.social)

🚨 New plugin: WatchGuardFireboxPlugin (CVE-2025-59396).

WatchGuard Firebox default credentials allow administrative SSH access. CVE rejected by NVD: "Not a security vulnerability".

Results: https://leakix.net/search?q=%2Bplugin%3AWatchGuardFireboxPlugin&scope=leak

@GossiTheDog @shadowserver let us know if you want to share paths. We'll share with them and you and release the info publicly.

@GossiTheDog https://www.youtube.com/watch?v=myY-4YsWTAM

@GossiTheDog 😇 sure does work. Any take-down requests yet ? 🤔

🚨 Detection for Cisco ASA CVE-2020-3259 has been added.
~2.5k vulnerable instances still found on a 5 years old vulnerability allowing for session hijacking and credentials stealing.

Source: https://cyberplace.social/@GossiTheDog/111848755813858062
Thanks: @GossiTheDog
Query: +plugin:CiscoASAPlugin

@GossiTheDog Oh great, are the Greet Admins of Mastodon going to ban Google from their instance ?

Sorry, sorry, the salt went off :)

⚠️ During our scans we found ~70K applications exposing their VSCode SFTP config.

These are often critical and can include FTP/SSH credentials.

You can check this out here: https://leakix.net/search?q=%2Bplugin%3AVsCodeSFTPPlugin&scope=leak

#cybersecurity #vscode #vulnerability

⚠️We added detection for compromised #TeamCity instances:

1711 vulnerable instances were found during our last scan, 1442 show clear signs of rogue user creation.

If you were/are still running a vulnerable system, assume compromise.

⚠️⚠️⚠️ We are seeing massive exploitation of #TeamCity CVE-2024-27198.

Hundreds of users are created for later use across the Internet.