Hasura GraphQL 2.2.0 – Information Disclosure Exploit

Post ContentRead More ...

Continue Reading
GitLab GraphQL API User Enumeration

This module queries the GitLab GraphQL API without authentication to acquire the list of GitLab users (CVE-2021-4191). The module works on all GitLab versions from 13.0 up to 14.8.2, 14.7.4, and 14.6. ...

Continue Reading
RST Threat feed. IOC: graphql.magical.coffee

Found **graphql[.]magical.coffee** in [RST Threat Feed](https:/...Read More ...

Continue Reading
RST Threat feed. IOC: graphql-server-ecs-chat-497780143.us-west-2.elb.cryptohosting.eu

Found **graphql-server-ecs-chat-497780143[.]us-west-2.elb.crypto...Read More ...

Continue Reading
RST Threat feed. IOC: internal-graphql-stable-web-jer5f6d-n-933384777.us-east-1.elb.cryptohosting.eu

Found **internal-graphql-stable-web-jer5f6d-n-933384777[.]us-eas...Read More ...

Continue Reading
CVE-2021-4191: GitLab GraphQL API User Enumeration (FIXED)

![CVE-2021-4191: GitLab GraphQL API User Enumeration (FIXED)](https://blog.rapid7.com/content/images/2022/03/gitlab-vuln.jpg) On February 25, 2022, GitLab [published a fix]() for CVE-2021-4191, which ...

Continue Reading
New Security Vulnerability Affects Thousands of Self-Managed GitLab Instances

[![GitLab Self-Managed Instances](https://thehackernews.com/new-images/img/a/AVvXsEh4OrdiGnjyt32NTMBZgXDFivys2ugmsWFHG5EaBCobkzwMT661q_9DYff3u7NC4RSiBe-u24cVDAn8H4oD-uoKXeHbScjxNykkpHeOC0rs4pOb-l55P86 ...

Continue Reading
Thousands of GitLab instances impacted by multiple security flaws

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here Multiple security vulnerabilities have been discovered by researchers in GitLab, an open-source DevOps software. Some of these ...

Continue Reading

Back to Main

Subscribe for the latest news: