Tag

Lua

3 briefs RSS

fast16 Cyber Sabotage Framework

The fast16 framework is a cyber sabotage tool dating back to 2005 that selectively targets high-precision calculation software, patching code in memory to tamper with results, using a Lua virtual machine and propagating across an entire facility to produce inaccurate calculations, with svcmgmt.exe as a carrier and fast16.sys modifying executable code.

Windows 2000 +3 fast16 cyber sabotage lua kernel driver

3r 4t 4i Apr 23, 2026

high advisory

Libinput Code Injection Vulnerability via Malicious Lua Bytecode (CVE-2026-35093)

3 rules 6 TTPs 1 CVE

A local attacker can exploit CVE-2026-35093 in libinput by placing a specially crafted Lua bytecode file in configuration directories, allowing arbitrary code execution with the privileges of the application using libinput.

libinput code-injection lua cve-2026-35093

3r 6t 1c Apr 1, 2026

high advisory

Contour HTTPProxy Lua Code Injection via Cookie Path Rewrite

2 rules 3 TTPs

Contour's Cookie Rewriting feature is vulnerable to Lua code injection; an attacker with RBAC permissions to create or modify HTTPProxy resources can craft a malicious value in the `spec.routes[].cookieRewritePolicies[].pathRewrite.value` or `spec.routes[].services[].cookieRewritePolicies[].pathRewrite.value` fields, resulting in arbitrary code execution in the Envoy proxy.

Contour lua code-injection httpproxy cve-2026-41246

2r 3t Jan 9, 2024