{"vulnerability": "CVE-2024-28253", "sightings": [{"uuid": "d81901c0-64ac-44fb-b7ed-5440ca4ea3f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-28253", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-28253.yaml", "content": "", "creation_timestamp": "2025-12-09T17:41:30.000000Z"}, {"uuid": "e4507c41-70c7-4773-9927-2dba2a21687f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-28253", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m7qhvbamda2f", "content": "", "creation_timestamp": "2025-12-11T21:02:31.036251Z"}, {"uuid": "003088c5-2e69-4bb4-81c6-66e8e3d91597", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-28253", "type": "exploited", "source": "https://t.me/itsec_news/4333", "content": "\u200b\u26a1\ufe0f\u041c\u0430\u0439\u043d\u0438\u043d\u0433 \u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e: OpenMetadata \u0441\u0442\u0430\u043b\u0430 \u043f\u043b\u043e\u0449\u0430\u0434\u043a\u043e\u0439 \u0434\u043b\u044f \u0438\u043d\u0432\u0435\u0441\u0442\u0438\u0446\u0438\u0439 \u0432 \u043d\u0435\u0434\u0432\u0438\u0436\u0438\u043c\u043e\u0441\u0442\u044c \u041a\u0438\u0442\u0430\u044f\n\n\ud83d\udcac Microsoft \u0432\u044b\u044f\u0432\u0438\u043b\u0430 \u043d\u043e\u0432\u044b\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 OpenMetadata, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0440\u0430\u0431\u043e\u0447\u0438\u043c \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0430\u043c \u0432 \u0441\u0440\u0435\u0434\u0435 Kubernetes \u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0433\u043e \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0438\u043d\u0433\u0430.\n\nOpenMetadata \u2014 \u044d\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043c\u0435\u0442\u0430\u0434\u0430\u043d\u043d\u044b\u043c\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u0438\u043d\u0436\u0435\u043d\u0435\u0440\u0430\u043c \u0438 \u0443\u0447\u0451\u043d\u044b\u043c \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438 \u0438\u0441\u043a\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0432\u043d\u0443\u0442\u0440\u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445, \u0442\u0430\u0431\u043b\u0438\u0446\u044b, \u0444\u0430\u0439\u043b\u044b \u0438 \u0441\u0435\u0440\u0432\u0438\u0441\u044b.\n\n15 \u043c\u0430\u0440\u0442\u0430 \u0431\u044b\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 ( CVE-2024-28255 , CVE-2024-28847 , CVE-2024-28253 , CVE-2024-28848 , CVE-2024-28254 ), \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 1.3.1. \u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430. \u0421 \u043d\u0430\u0447\u0430\u043b\u0430 \u0430\u043f\u0440\u0435\u043b\u044f \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0440\u0435\u0434\u0430\u0445 Kubernetes.\n\nMicrosoft \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 \u0440\u0430\u0431\u043e\u0447\u0438\u0435 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 OpenMetadata, \u0438 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0432\u0435\u0440\u0441\u0438\u044e \u0434\u043e 1.3.1 \u0438\u043b\u0438 \u043d\u043e\u0432\u0435\u0435. \u0412 \u0440\u0430\u043c\u043a\u0430\u0445 \u0431\u043b\u043e\u0433\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0434\u0435\u043b\u0438\u0442\u0441\u044f \u0430\u043d\u0430\u043b\u0438\u0437\u043e\u043c \u0430\u0442\u0430\u043a\u0438, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 (Indicators of compromise, IoC) \u0434\u043b\u044f \u043f\u043e\u0438\u0441\u043a\u0430 \u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f.\n\n\u0410\u0442\u0430\u043a\u0430 \u043d\u0430\u0447\u0438\u043d\u0430\u0435\u0442\u0441\u044f \u0441 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u0446\u0435\u043b\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043e\u0431\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u043a \u0440\u0430\u0431\u043e\u0447\u0438\u043c \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0430\u043c OpenMetadata, \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u043c \u043a \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443. \u0417\u0430\u0442\u0435\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 \u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u043d\u0430 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0435 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0435\u0439 OpenMetadata. \u041e\u043d\u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442 ping-\u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043d\u0430 \u0434\u043e\u043c\u0435\u043d\u044b, \u0437\u0430\u043a\u0430\u043d\u0447\u0438\u0432\u0430\u044e\u0449\u0438\u0435\u0441\u044f \u043d\u0430 oast[.]me \u0438 oast[.]pro, \u0447\u0442\u043e \u0441\u0432\u044f\u0437\u0430\u043d\u043e \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 Interactsh \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439.\n\n\u041f\u043e\u0441\u043b\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0432\u0438\u0447\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0445\u0430\u043a\u0435\u0440\u044b \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0442 \u0441\u0435\u0440\u0438\u044e \u043a\u043e\u043c\u0430\u043d\u0434 \u0434\u043b\u044f \u0441\u0431\u043e\u0440\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u0441\u0440\u0435\u0434\u0435 \u0436\u0435\u0440\u0442\u0432\u044b, \u0441\u0447\u0438\u0442\u044b\u0432\u0430\u044e\u0442 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435 \u043e\u043a\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0440\u0430\u0431\u043e\u0447\u0435\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442\u044c \u0441\u0442\u0440\u043e\u043a\u0438 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435. \u0414\u0430\u043b\u0435\u0435 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u044e\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u0434\u043b\u044f \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0438\u043d\u0433\u0430 \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430, \u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u043d\u043e\u0433\u043e \u0432 \u041a\u0438\u0442\u0430\u0435, \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0442 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 \u0441 \u044d\u0442\u0438\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 Netcat \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 cronjobs \u0434\u043b\u044f \u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0437\u0430\u0434\u0430\u0447.\n\n\u041f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0442\u0430\u043a\u0436\u0435 \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0437\u0430\u043f\u0438\u0441\u043a\u0438 \u0432 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u0440\u043e\u0441\u044f\u0442 \u0436\u0435\u0440\u0442\u0432 \u043f\u043e\u0436\u0435\u0440\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u0443 Monero, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043c\u043e\u0447\u044c \u0438\u043c \u043a\u0443\u043f\u0438\u0442\u044c \u0430\u0432\u0442\u043e\u043c\u043e\u0431\u0438\u043b\u044c \u0438\u043b\u0438 \u0436\u0438\u043b\u044c\u0435 \u0432 \u041a\u0438\u0442\u0430\u0435\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-04-18T12:37:11.000000Z"}, {"uuid": "d4b5d3d3-cdd2-4cca-8821-71a004b77f62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-28253", "type": "seen", "source": "https://t.me/arpsyndicate/4831", "content": "#ExploitObserverAlert\n\nCVE-2024-28253\n\nDESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2024-28253. OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. `CompiledRule::validateExpression` is also called from `PolicyRepository.prepare`. `prepare()` is called from `EntityRepository.prepareInternal()` which, in turn, gets called from `EntityResource.createOrUpdate()`. Note that even though there is an authorization check (`authorizer.authorize()`), it gets called after `prepareInternal()` gets called and therefore after the SpEL expression has been evaluated. In order to reach this method, an attacker can send a PUT request to `/api/v1/policies` which gets handled by `PolicyResource.createOrUpdate()`. This vulnerability was discovered with the help of CodeQL's Expression language injection (Spring) query and is also tracked as `GHSL-2023-252`. This issue may lead to Remote Code Execution and has been addressed in version 1.3.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\nFIRST-EPSS: 0.000440000\nARPS-PRIORITY: 0.7718071", "creation_timestamp": "2024-04-24T22:12:28.000000Z"}, {"uuid": "03bcd749-e20a-4444-ba7f-cff6de67bd4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-28253", "type": "seen", "source": "https://t.me/arpsyndicate/4420", "content": "#ExploitObserverAlert\n\nCVE-2024-28253\n\nDESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2024-28253. OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. `CompiledRule::validateExpression` is also called from `PolicyRepository.prepare`. `prepare()` is called from `EntityRepository.prepareInternal()` which, in turn, gets called from `EntityResource.createOrUpdate()`. Note that even though there is an authorization check (`authorizer.authorize()`), it gets called after `prepareInternal()` gets called and therefore after the SpEL expression has been evaluated. In order to reach this method, an attacker can send a PUT request to `/api/v1/policies` which gets handled by `PolicyResource.createOrUpdate()`. This vulnerability was discovered with the help of CodeQL's Expression language injection (Spring) query and is also tracked as `GHSL-2023-252`. This issue may lead to Remote Code Execution and has been addressed in version 1.3.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\nFIRST-EPSS: 0.000440000", "creation_timestamp": "2024-04-09T20:50:35.000000Z"}, {"uuid": "1ac48ff6-8303-46d7-be59-8e24c53cc37c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-28253", "type": "seen", "source": "https://t.me/ctinow/215639", "content": "https://ift.tt/H9CgRLV\nCVE-2024-28253 Exploitation", "creation_timestamp": "2024-04-18T15:16:30.000000Z"}, {"uuid": "37b18bb9-7ac3-48ac-865d-b53dd9a01850", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-28253", "type": "exploited", "source": "https://t.me/true_secator/5657", "content": "Microsoft \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e\u0431 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 OpenMetadata \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0432 \u0441\u0440\u0435\u0434\u0430\u0445 Kubernetes \u0434\u043b\u044f \u043c\u0430\u0439\u043d\u0438\u043d\u0433\u0430 \u043a\u0440\u0438\u043f\u0442\u044b.\n\nOpenMetadata \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043c\u0435\u0442\u0430\u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u044b \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u0441\u0432\u043e\u0435\u0439 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445, \u0442\u0430\u0431\u043b\u0438\u0446\u044b, \u0444\u0430\u0439\u043b\u044b \u0438 \u0441\u0435\u0440\u0432\u0438\u0441\u044b.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0432 \u044d\u0442\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2024-28255, CVE-2024-28847, CVE-2024-28253, CVE-2024-28848 \u0438 CVE-2024-28254), \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b 15 \u043c\u0430\u0440\u0442\u0430 \u0432 OpenMedata \u0432\u0435\u0440\u0441\u0438\u0439 1.2.4 \u0438 1.3.1.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Microsoft, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0430\u0447\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u0445 \u0441 \u043d\u0430\u0447\u0430\u043b\u0430 \u0430\u043f\u0440\u0435\u043b\u044f.\n\n\u0421\u043d\u0430\u0447\u0430\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u044e\u0442 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0435 \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0440\u0430\u0431\u043e\u0447\u0438\u0435 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 OpenMetadata Kubernetes, \u0430 \u0437\u0430\u0442\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0435, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0437\u0430\u043f\u0443\u0449\u0435\u043d \u043e\u0431\u0440\u0430\u0437 OpenMetadata.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044e\u0442 \u0440\u0430\u0437\u0432\u0435\u0434\u044b\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0434\u043b\u044f \u0441\u0431\u043e\u0440\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0441\u0440\u0435\u0434\u0435.\n\n\u0417\u0430\u0442\u0435\u043c \u043e\u043d\u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u044e\u0442 \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u0434\u043b\u044f \u043c\u0430\u0439\u043d\u0438\u043d\u0433\u0430.\n\n\u041d\u0430 \u044d\u0442\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0445\u0440\u0430\u043d\u044f\u0442\u0441\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u041f\u041e, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043c\u0430\u0439\u043d\u0438\u043d\u0433\u043e\u043c \u043a\u0440\u0438\u043f\u0442\u044b, \u043a\u0430\u043a \u0434\u043b\u044f \u041e\u0421 Linux, \u0442\u0430\u043a \u0438 \u0434\u043b\u044f \u041e\u0421 Windows.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0442\u0430\u043a\u0436\u0435 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u0443\u044e\u0442 \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0435 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 Netcat, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043e\u043d\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0443, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0432\u0440\u0443\u043a\u043e\u043f\u0430\u0448\u043d\u0443\u044e \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0435\u0449\u0435 \u0431\u043e\u043b\u044c\u0448\u0438\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439.\n\n\u0414\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 cronjobs \u0434\u043b\u044f \u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0437\u0430\u0434\u0430\u0447, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0449\u0438\u0445 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434, \u0447\u0435\u0440\u0435\u0437 \u0437\u0430\u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u043d\u0442\u0435\u0440\u0432\u0430\u043b\u044b \u0432\u0440\u0435\u043c\u0435\u043d\u0438.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a\u0438 \u0445\u0430\u043a\u0435\u0440\u044b \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0437\u0430\u043f\u0438\u0441\u043a\u0438 \u0432 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0441 \u043f\u0440\u043e\u0441\u044c\u0431\u043e\u0439 \u043f\u043e\u0434\u043a\u0438\u043d\u0443\u0442\u044c Monero, \u043f\u043e\u043c\u043e\u0447\u044c \u043f\u0440\u0438\u043a\u0443\u043f\u0438\u0442\u044c \u0430\u0432\u0442\u043e \u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0430\u0442\u044c \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b\u044c\u043d\u043e.\n\n\u0410\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c, \u0440\u0430\u0437\u043c\u0435\u0449\u0430\u044e\u0449\u0438\u043c \u0441\u0432\u043e\u0438 \u0440\u0430\u0431\u043e\u0447\u0438\u0435 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 OpenMedata \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u043e\u043c\u0435\u043d\u044f\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0438 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u0443\u044e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439.", "creation_timestamp": "2024-04-19T17:00:07.000000Z"}, {"uuid": "b538e55d-23db-41af-8c3b-acd9a5331ef9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-28253", "type": "seen", "source": "https://t.me/ctinow/209159", "content": "https://ift.tt/2QYHpxX\nCVE-2024-28253", "creation_timestamp": "2024-03-15T21:22:12.000000Z"}, {"uuid": "f6e6fc4c-8bea-4665-87cf-b18fa78f9fe9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-28253", "type": "seen", "source": "https://t.me/ctinow/209172", "content": "https://ift.tt/2QYHpxX\nCVE-2024-28253", "creation_timestamp": "2024-03-15T21:26:25.000000Z"}, {"uuid": "a64a3257-ddfb-4960-855b-f3890bb9bdda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-28253", "type": "published-proof-of-concept", "source": "https://github.com/open-metadata/OpenMetadata/security/advisories/GHSA-7vf4-x5m2-r6gr", "content": "", "creation_timestamp": "2024-03-15T06:12:00.000000Z"}, {"uuid": "a70c597d-a49e-4030-ae36-6fb68e3529e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-28253", "type": "seen", "source": "https://t.me/TomCyberDaily/38", "content": "So here we are again.... ;) \n#TomCyberDaily #14 \nReady? Set? READ!\n\n1) Chinese Hackers Go Cryptomining on OpenMetadata, Leave Funny Note!\nMicrosoft is sounding the alarm: alleged Chinese hackers are exploiting vulnerabilities in OpenMetadata (CVE-2024-28255, CVE-2024-28847, CVE-2024-28253, CVE-2024-28848, and CVE-2024-28254) to install cryptomining malware on Kubernetes clusters. It's like a digital gold rush, but with more code and fewer pickaxes!\nThese crafty criminals are bypassing authentication and executing remote code, all while leaving a humorous note pleading with victims not to remove the malware. They claim they just want to buy a car and help their poor family in China. It's like a cybercriminal's version of a GoFundMe campaign, but with less empathy and more illegal activity!\n\n\n\n2) Moldovan man charged for running botnet used to push ransomware!\nAlexander Lefterov, aka Alipako, Uptime, and Alipatime, is in hot water with the U.S. Justice Department for allegedly running a massive botnet that infected thousands of computers across the U.S. It's like a digital puppet master, but instead of entertaining, he's accused of stealing credentials and money!\nThe indictment reads like a cybercriminal's rap sheet: aggravated identity theft, computer fraud, and conspiracy to commit wire fraud. Lefterov and his digital gang allegedly used malware to steal login info and access victims' online accounts.\n\n\n\n3) LabHost PhaaS Platform Busted, 37 Arrested in Global Crackdown!\nThe LabHost phishing-as-a-service (PhaaS) platform has been taken down in a year-long, worldwide law enforcement operation that's like a plotline straight out of a cybercrime thriller! The infrastructure was compromised, and 37 suspects were arrested, including the mastermind behind the scheme. It's like a game of \"Guess Who?\" but with more handcuffs and fewer funny faces!\nLabHost, launched in 2021, was like a one-stop-shop for aspiring cybercriminals. For a monthly subscription fee, even the most technologically challenged crooks could launch phishing attacks using pre-made kits for banks and services in North America. \n\n\n\n4) FIN7 Phishes U.S. Automaker's IT Staff, Aims for High-Octane Access!\nThe notorious FIN7 gang is back at it again, and this time they've set their sights on a big fish in the U.S. automotive industry! These financially motivated masterminds targeted the IT department of a large car manufacturer with some sneaky spear-phishing emails, hoping to infect systems with the Anunak backdoor. It's like a cybercriminal version of \"Gone in 60 Seconds,\" but instead of stealing cars, they're after your data!", "creation_timestamp": "2026-07-16T03:00:04.186398Z"}, {"uuid": "a45b84f3-cd61-4820-878e-456b1faf5383", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-28253", "type": "exploited", "source": "https://t.me/TomCyberDaily/38", "content": "So here we are again.... ;) \n#TomCyberDaily #14 \nReady? Set? READ!\n\n1) Chinese Hackers Go Cryptomining on OpenMetadata, Leave Funny Note!\nMicrosoft is sounding the alarm: alleged Chinese hackers are exploiting vulnerabilities in OpenMetadata (CVE-2024-28255, CVE-2024-28847, CVE-2024-28253, CVE-2024-28848, and CVE-2024-28254) to install cryptomining malware on Kubernetes clusters. It's like a digital gold rush, but with more code and fewer pickaxes!\nThese crafty criminals are bypassing authentication and executing remote code, all while leaving a humorous note pleading with victims not to remove the malware. They claim they just want to buy a car and help their poor family in China. It's like a cybercriminal's version of a GoFundMe campaign, but with less empathy and more illegal activity!\n\n\n\n2) Moldovan man charged for running botnet used to push ransomware!\nAlexander Lefterov, aka Alipako, Uptime, and Alipatime, is in hot water with the U.S. Justice Department for allegedly running a massive botnet that infected thousands of computers across the U.S. It's like a digital puppet master, but instead of entertaining, he's accused of stealing credentials and money!\nThe indictment reads like a cybercriminal's rap sheet: aggravated identity theft, computer fraud, and conspiracy to commit wire fraud. Lefterov and his digital gang allegedly used malware to steal login info and access victims' online accounts.\n\n\n\n3) LabHost PhaaS Platform Busted, 37 Arrested in Global Crackdown!\nThe LabHost phishing-as-a-service (PhaaS) platform has been taken down in a year-long, worldwide law enforcement operation that's like a plotline straight out of a cybercrime thriller! The infrastructure was compromised, and 37 suspects were arrested, including the mastermind behind the scheme. It's like a game of \"Guess Who?\" but with more handcuffs and fewer funny faces!\nLabHost, launched in 2021, was like a one-stop-shop for aspiring cybercriminals. For a monthly subscription fee, even the most technologically challenged crooks could launch phishing attacks using pre-made kits for banks and services in North America. \n\n\n\n4) FIN7 Phishes U.S. Automaker's IT Staff, Aims for High-Octane Access!\nThe notorious FIN7 gang is back at it again, and this time they've set their sights on a big fish in the U.S. automotive industry! These financially motivated masterminds targeted the IT department of a large car manufacturer with some sneaky spear-phishing emails, hoping to infect systems with the Anunak backdoor. It's like a cybercriminal version of \"Gone in 60 Seconds,\" but instead of stealing cars, they're after your data!", "creation_timestamp": "2026-07-17T00:00:56.878786Z"}]}