Daily Dose of Dark Web Informer - March 30th, 2026
This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
Aggregator
OpenAI Codex Vulnerability Allowed Attackers to Steal GitHub Tokens
2 months 2 weeks ago
OpenAI Codex vulnerability allowed attackers to steal GitHub tokens via malicious branch names using hidden Unicode command injection flaw.
Deeba Ahmed
New RoadK1ll WebSocket implant used to pivot on breached networks
2 months 2 weeks ago
A newly identified malicious implant named RoadK1ll is enabling threat actors to quietly move from a compromised host to other systems on the network. [...]
Bill Toulas
INC
2 months 2 weeks ago
You must login to view this content
cohenido
Citrix security advisory (AV26-267) – Update 1
2 months 2 weeks ago
Canadian Centre for Cyber Security
CVE-2025-12548
2 months 2 weeks ago
Currently trending CVE - Hype Score: 1 - A flaw was found in Eclipse Che che-machine-exec. This vulnerability allows unauthenticated remote arbitrary command execution and secret exfiltration (SSH keys, tokens, etc.) from other users' Developer Workspace containers, via an unauthenticated JSON-RPC / websocket API ...
CVE-2023-2868
2 months 2 weeks ago
Currently trending CVE - Hype Score: 1 - A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape ...
NZ Police Bust Major Dark Web Drug Ring in Auckland
2 months 2 weeks ago
NZ Police Bust Major Dark Web Drug Ring in Auckland
Dark Web Informer
Мультивселенная существует? Физики говорят: не доказано. Но и отмахнуться уже не получается
2 months 2 weeks ago
Интерпретация квантовой механики объясняет случайность ветвлением реальности, где каждый вариант получает собственную вселенную.
Submit #780395: nothings stb stb_image.h <= 2.30 Double Free [Accepted]
2 months 2 weeks ago
Submit #780395 / VDB-354254
d0razi
Submit #780390: nothings stb stb_image.h <= 2.30 Heap-based Buffer Overflow [Accepted]
2 months 2 weeks ago
Submit #780390 / VDB-354253
d0razi
Submit #780389: TRENDnet TEW-713RE 1.02 Command Injection [Accepted]
2 months 2 weeks ago
Submit #780389 / VDB-354252
panda_0x1
Submit #780387: TRENDnet TEW-713RE 1.02 Command Injection [Accepted]
2 months 2 weeks ago
Submit #780387 / VDB-354251
panda_0x1
Submit #780379: SourceCodester Teacher Record System 1.0 SQL Injection [Accepted]
2 months 2 weeks ago
Submit #780379 / VDB-354250
dyh18
Submit #780377: 648540858 (GitHub) wvp-GB28181-pro master branch — commit to be confirmed (see repository for latest hash) SQL Injection [Duplicate]
2 months 2 weeks ago
Submit #780377 / VDB-352435
binyu
Submit #780375: SourceCodester Simple Doctor's Appointment System 1.0 Unrestricted Upload [Accepted]
2 months 2 weeks ago
Submit #780375 / VDB-354249
dyh18
Submit #780354: SourceCodester Simple Doctor's Appointment System in PHP/MySQL 1.0 SQL Injection [Accepted]
2 months 2 weeks ago
Submit #780354 / VDB-354248
dyh18
Submit #780353: SourceCodester Simple Doctor's Appointment System 1.0 SQL Injection [Accepted]
2 months 2 weeks ago
Submit #780353 / VDB-354247
dyh18
Submit #779147: Totolink A3300R 17.0.0cu.557_b20221024 Command Injection [Accepted]
2 months 2 weeks ago
Submit #779147 / VDB-354246
LvHW
Submit #779146: Totolink A3300R 17.0.0cu.557_b20221024 Command Injection [Accepted]
2 months 2 weeks ago
Submit #779146 / VDB-354245
LvHW