Ghostscript bug could allow rogue documents to run system commands

By Paul Ducklin — July 4^th 2023 at 17:57

Even if you've never heard of the venerable Ghostscript project, you may have it installed without knowing.

The Hacker News

Two New Security Flaws Reported in Ghost CMS Blogging Software

By Ravie Lakshmanan — December 22^nd 2022 at 10:09

Cybersecurity researchers have detailed two security flaws in the JavaScript-based blogging platform known as Ghost, one of which could be abused to elevate privileges via specially crafted HTTP requests. Ghost is an open source blogging platform that's used in more than 52,600 live websites, most of them located in the U.S., the U.K., German, China, France, Canada, and India. Tracked as CVE-

The Hacker News

Hacktivist Group GhostSec Compromises 55 Berghof PLCs Across Israel

By Ravie Lakshmanan — September 12^th 2022 at 11:18

A hacktivist collective called GhostSec has claimed credit for compromising as many as 55 Berghof programmable logic controllers (PLCs) used by Israeli organizations as part of a "Free Palestine" campaign. Industrial cybersecurity firm OTORIO, which dug deeper into the incident, said the breach was made possible owing to the fact that the PLCs were accessible through the Internet and were

FreshRSS

Ghostscript bug could allow rogue documents to run system commands

Two New Security Flaws Reported in Ghost CMS Blogging Software

Hacktivist Group GhostSec Compromises 55 Berghof PLCs Across Israel