==========================
== Gharib Personal Blog ==
==========================
A Techi Personal Blog

CVE-2024-8999 - Lunary AI Lunary BigQuery Data Warehouse Unauthorized Database Export Vulnerability


CVE-2024-8769 - Aimhubio Aim File Deletion Vulnerability Arbitrary File Deletion


CVE-2024-8954 - Composiohq API Header Validation Bypass


CVE-2024-8616 - H2O File Overwrite Vulnerability


CMS ARS: A Blueprint for US Healthcare Data Security and Compliance


Protecting sensitive patient information is more critical than ever. With technologies evolving at a breakneck pace and the number of cyber threats targeting healthcare entities in the United States skyrocketing, healthcare organizations must have robust policies and guardrails in place to ensure patients’ confidential information doesn’t fall into the wrong hands. One of the essential frameworks for ensuring data security and privacy is the Centers for Medicare & Medicaid Services Acceptable Risk Safeguards (CMS ARS). Released in January 2022, the CMS ARS provides a standardized approach to…


PiEEG Kit is a Self-Contained Biosignal Laboratory


Back in 2023, we first brought you word of the PiEEG: a low-cost Raspberry Pi based device designed for detecting and analyzing electroencephalogram (EEG) and other biosignals for the purposes …

World's Smallest Blinky Now Even Smaller


Here at Hackaday, it’s a pretty safe bet that putting “World’s smallest” in the title of an article will instantly attract comments claiming that someone else built a far smaller …

Improved support for private applications and reusable access policies with Cloudflare Access


We are excited to introduce support for private hostname and IP address-defined applications as well as reusable access policies.


ZDI-25-173 0Day Luxion KeyShot DAE File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability


This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2025-2530.


ZDI-25-174 0Day Luxion KeyShot DAE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability


This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2025-2531.
