Published the writeup for the authenticated SQL injection vulnerability in Kanboard - CVE-2026-33058.

https://0dave.ch/posts/cve-2026-33058/
https://www.cve.org/CVERecord?id=CVE-2026-33058
https://github.com/kanboard/kanboard/security/advisories/GHSA-f62r-m4mr-2xhh

#webappsec #cve #sqli

Saw a new (to me) malware sample in teh logs. A python script scanning for exposed docker APIs deploying xmrig:

hxxps://pastebin[.]com/raw/1p7TJRDd

#malware #python #docker #xmrig

Observed “cetus”, a cryptojacking worm first seen around August 27, 2020.
Guess my flying whale (https://0dave.ch/posts/flying-whales-in-a-pot-of-honey/) works (kinda)  

https://unit42.paloaltonetworks.com/cetus-cryptojacking-worm/

https://bazaar.abuse.ch/sample/b49a3f3cb4c70014e2c35c880d47bc475584b87b7dfcfa6d7341d42a16ebe443/

#docker #honeypot

Smol post about flying whales

https://0dave.ch/posts/flying-whales-in-a-pot-of-honey/

https://www.youtube.com/watch?v=eg_OyqkITSE

#infosec #honeypot

One more side project?  
🥭 🩸 🍯

#mongobleed #CVE-2025-14847

A tl;dr on CVE-2025-6004

https://0dave.ch/posts/cve-2025-6004-tldr/

#CVE #tldr #infosec

Wrote about a funny little vulnerability in goreportcard I encountered just before publishing oauth-labs.

Give it a read if you have some time to kill :)

https://0dave.ch/posts/goreportcard/

#infosec #vulnerability #writeup

Quick http://ghmlwr.0dave.ch/ update:
I've included raw JSON data and an RSS feed (atom), check it out :)

(let me know if either of these two files are borked).

#github #malware #threatintel #update

It's sunday. You are very bored, you want to make the world a better place and report malicious repositories on GitHub.

You can: https://ghmlwr.0dave.ch/

#github #malware #threatintel #security