Tag

Devops

3 briefs RSS

Nginx-UI Unauthenticated Remote Code Execution via Backup Restore

Nginx-UI is vulnerable to unauthenticated remote code execution (RCE) via the `POST /api/restore` endpoint, allowing attackers to inject arbitrary commands into the configuration.

nginx-ui rce authentication bypass command injection devops

2r 2t May 7, 2026

low advisory

GitHub Self-Hosted Runner Configuration Changes Detected

3 rules 8 TTPs

Detection of changes to self-hosted runner configurations in GitHub environments can indicate potential impact, discovery, collection, persistence, privilege escalation, initial access, or stealth activities.

GitHub Actions github self-hosted-runner audit-log devops supply-chain

3r 8t Jan 3, 2024

medium advisory

Execution via GitHub Actions Runner

3 rules 3 TTPs

Adversaries compromising GitHub Actions workflows can execute arbitrary commands on runner hosts, leading to code execution, reconnaissance, credential harvesting, or network exfiltration.

github-actions supply-chain execution devops

3r 3t Jan 2, 2024