{"vulnerability": "CVE-2025-30066", "sightings": [{"uuid": "da425300-78af-46be-adca-3cb2adf2ef82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-30066", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3llmvtgrsa3o2", "content": "", "creation_timestamp": "2025-03-30T22:39:03.801994Z"}, {"uuid": "4212e34c-69a4-4ae3-bd24-31ede19fbeaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3llmxtudicur2", "content": "", "creation_timestamp": "2025-03-30T23:13:42.515998Z"}, {"uuid": "1e60771e-23c6-4bc2-b2ad-d24d9d340232", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lkpp6ioj3dn2", "content": "", "creation_timestamp": "2025-03-19T07:57:26.162382Z"}, {"uuid": "264cd3c8-816a-432b-a888-9d6f366ca1e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lkr3emqvjm2u", "content": "", "creation_timestamp": "2025-03-19T21:02:06.537335Z"}, {"uuid": "f14ddd03-6604-4856-b2d5-94934d030ddb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://thehackernews.com/2025/03/cisa-warns-of-active-exploitation-in.html", "content": "", "creation_timestamp": "2025-03-19T04:05:00.000000Z"}, {"uuid": "4d583da6-06d9-4a0c-8865-0c9c3c07faf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lkpsebpn7fv2", "content": "", "creation_timestamp": "2025-03-19T08:52:49.008430Z"}, {"uuid": "c80fc693-aebd-4365-8d4a-0740797422d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/malwhere.bsky.social/post/3lkpv4vdfbs2f", "content": "", "creation_timestamp": "2025-03-19T09:37:45.111351Z"}, {"uuid": "371802fb-142b-4f51-8d0b-2a14d0050c43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/securestep9.bsky.social/post/3lkiice3mqc2k", "content": "", "creation_timestamp": "2025-03-16T10:59:26.561982Z"}, {"uuid": "f4f00b4d-8430-4b58-9c9d-53524f9dd562", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lkrbwinv7s23", "content": "", "creation_timestamp": "2025-03-19T22:59:26.018904Z"}, {"uuid": "90fda08c-2f3f-4b58-96e7-a3f8d18c7181", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-30066", "type": "seen", "source": "https://gist.github.com/krstp/6674b8ed7627efed95a167a099a0b67b", "content": "", "creation_timestamp": "2025-03-18T15:27:29.000000Z"}, {"uuid": "e0f65fae-0885-413a-8b75-354965c05996", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-03-25T08:06:32.000000Z"}, {"uuid": "68dde1bb-1fcf-476d-9a9a-6f99fc883b5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lkreqbcrvk23", "content": "", "creation_timestamp": "2025-03-19T23:49:37.918412Z"}, {"uuid": "bd59f956-092e-47c4-9cdf-77fb70ace6e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/rxerium.com/post/3lklt2h33p42r", "content": "", "creation_timestamp": "2025-03-17T18:49:52.763861Z"}, {"uuid": "10221d87-fd22-4e69-9807-686acb703eaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/opsmatters.bsky.social/post/3lkk67tx4452u", "content": "", "creation_timestamp": "2025-03-17T03:04:24.941964Z"}, {"uuid": "2783d1ea-a30e-42be-8f8f-aad7b68a1418", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3lkjxkzke5c2y", "content": "", "creation_timestamp": "2025-03-17T01:05:28.091897Z"}, {"uuid": "10ce7e99-a09c-423a-9a33-7c13080d8ecd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ll4pcuhbhvg2", "content": "", "creation_timestamp": "2025-03-24T12:10:42.701576Z"}, {"uuid": "4919b458-34c8-44ac-8639-c4987c7a13f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ll5mf56zozx2", "content": "", "creation_timestamp": "2025-03-24T20:46:08.443569Z"}, {"uuid": "6c09ea80-36f1-4617-948a-c1f42ed4027a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ll4m2ndecwo2", "content": "", "creation_timestamp": "2025-03-24T11:00:08.831947Z"}, {"uuid": "35c95f67-59b0-4fe2-b24d-ad740695a24f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/114199723453880990", "content": "", "creation_timestamp": "2025-03-21T09:31:31.565646Z"}, {"uuid": "a216828c-a8e8-4c7b-82d5-9aba195eca17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ll4n63b43yo2", "content": "", "creation_timestamp": "2025-03-24T11:20:53.506736Z"}, {"uuid": "347d7636-349a-4cc8-a449-29e8c56a9bda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/opsmatters.bsky.social/post/3lld6doohl62i", "content": "", "creation_timestamp": "2025-03-27T01:43:07.199297Z"}, {"uuid": "14076f6f-3fcb-4c41-9147-2e992c486a38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://swecyb.com/users/nopatience/statuses/114202520435383429", "content": "", "creation_timestamp": "2025-03-21T21:22:59.639700Z"}, {"uuid": "67de8ae4-d176-44d3-bb0b-c9a01b22cc1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/leekthehack.bsky.social/post/3lkm2amr6is2f", "content": "", "creation_timestamp": "2025-03-17T20:58:38.644648Z"}, {"uuid": "9cb7ba0f-45a1-4b22-9f3b-2c46e5361e60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "MISP/0d58ff39-a69c-40e6-a9cc-80eb494aa646", "content": "", "creation_timestamp": "2025-03-22T22:33:21.000000Z"}, {"uuid": "7d45039c-7650-4159-b358-55101bb7f062", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3lkjzi2wa2p2p", "content": "", "creation_timestamp": "2025-03-17T01:39:31.903938Z"}, {"uuid": "1788cfaa-dbcb-4801-aa2c-da05401a9288", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lkut5ekzv7j2", "content": "", "creation_timestamp": "2025-03-21T08:45:35.175706Z"}, {"uuid": "fb6cfc65-70fc-4008-a185-c421c7e68a88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114165346135872333", "content": "", "creation_timestamp": "2025-03-15T07:48:55.582464Z"}, {"uuid": "1e8d65fb-a60f-4b54-8d14-4f8e520ed845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lkocgewvgh2u", "content": "", "creation_timestamp": "2025-03-18T18:30:17.953924Z"}, {"uuid": "1e740eff-98b6-4c76-8102-c61ecaa1fbf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/opsmatters.bsky.social/post/3llcgnq4rwa26", "content": "", "creation_timestamp": "2025-03-26T18:39:14.201681Z"}, {"uuid": "17818ccd-eee8-4b29-8926-58fe926e7440", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/technews4869.bsky.social/post/3lkkie6i3aj2m", "content": "", "creation_timestamp": "2025-03-17T06:05:47.927894Z"}, {"uuid": "88110388-c554-48ba-b60a-d0d6868b16f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "MISP/0d58ff39-a69c-40e6-a9cc-80eb494aa646", "content": "", "creation_timestamp": "2025-03-21T07:32:25.000000Z"}, {"uuid": "86b1d5f6-9820-4cc8-ace0-c465788e6093", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkfqwmzhrk2m", "content": "", "creation_timestamp": "2025-03-15T08:55:58.062499Z"}, {"uuid": "b9e333f7-68fd-4853-87c2-ce363392bf49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lkpxvupzl3n2", "content": "", "creation_timestamp": "2025-03-19T10:27:40.426717Z"}, {"uuid": "b703f910-e416-40e1-9cbd-98c8fa0a6846", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lks33blhec23", "content": "", "creation_timestamp": "2025-03-20T06:29:31.348512Z"}, {"uuid": "1ad7a640-9068-4de6-b36d-f88963d0fcd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lkoi23knza2e", "content": "", "creation_timestamp": "2025-03-18T20:10:48.605223Z"}, {"uuid": "06983964-3942-4135-8f3f-2429188776be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lkmlqo277k24", "content": "", "creation_timestamp": "2025-03-18T02:11:47.469794Z"}, {"uuid": "72770ad4-52e6-4661-80a6-6792cedbd410", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ll4zb4aiv7o2", "content": "", "creation_timestamp": "2025-03-24T14:59:34.697045Z"}, {"uuid": "00ed0e43-03d5-4e31-833e-c56aad48d30b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/3601809", "content": "", "creation_timestamp": "2025-03-18T20:31:08.056288Z"}, {"uuid": "d1d3bec4-d649-4b6e-8bbe-efb57cbd8131", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/yarlob.bsky.social/post/3lkn3yi2er22e", "content": "", "creation_timestamp": "2025-03-18T07:02:33.559938Z"}, {"uuid": "4d8ada15-b055-4148-a179-03d157120241", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lkokvkcyms2a", "content": "", "creation_timestamp": "2025-03-18T21:01:56.740099Z"}, {"uuid": "c1afed03-a4fd-4368-99fe-a57d7c771a95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/mbissey.bsky.social/post/3lkqe2y56z72f", "content": "", "creation_timestamp": "2025-03-19T14:05:02.944029Z"}, {"uuid": "7753f8e3-9872-47b4-a488-3d5f72421bac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lkontmgegz2p", "content": "", "creation_timestamp": "2025-03-18T21:54:33.774900Z"}, {"uuid": "25450abe-14f3-4c14-a542-fdc825b5b64c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-03-18T21:10:04.000000Z"}, {"uuid": "3cda91ad-83c1-4e05-8acb-8ff7a808e43a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/bijouxbeejuice.bsky.social/post/3lkomjiwxvk2t", "content": "", "creation_timestamp": "2025-03-18T21:31:04.058506Z"}, {"uuid": "c55114bf-e6d4-4f3e-ae3c-910d2ef393b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/bijouxbeejuice.bsky.social/post/3lkomjkhat22t", "content": "", "creation_timestamp": "2025-03-18T21:31:04.544100Z"}, {"uuid": "115ccd07-506a-4a80-8d16-aebb8e7f3968", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/bijouxbeejuice.bsky.social/post/3lkomjkhfpc2t", "content": "", "creation_timestamp": "2025-03-18T21:31:05.047250Z"}, {"uuid": "0343cfe9-a3f9-400c-874d-244bef0432ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/bijouxbeejuice.bsky.social/post/3lkomjiwbgs2t", "content": "", "creation_timestamp": "2025-03-18T21:31:02.819580Z"}, {"uuid": "df417ee6-c540-483c-9678-e6e5915e42ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lktd6pypgx42", "content": "", "creation_timestamp": "2025-03-20T18:28:28.533583Z"}, {"uuid": "1cbc031f-7964-4844-a6f2-a28d48bcf55b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/bijouxbeejuice.bsky.social/post/3lkomjiwtyk2t", "content": "", "creation_timestamp": "2025-03-18T21:31:03.320334Z"}, {"uuid": "fd3e59e1-6f97-49e5-b3ab-b5566b0a87e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ll4dd2zlieo2", "content": "", "creation_timestamp": "2025-03-24T08:28:19.867131Z"}, {"uuid": "4ce4fe3a-7e7d-4494-8762-55a46448e567", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lkonv6k34n2s", "content": "", "creation_timestamp": "2025-03-18T21:55:25.734690Z"}, {"uuid": "0d88ac16-d66b-486a-934a-fedbdfebf364", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lkkxmd7ksc2y", "content": "", "creation_timestamp": "2025-03-17T10:38:47.650796Z"}, {"uuid": "aef7226f-a2a6-43ca-b245-4f55d2c4aebd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ll6muu3g2ro2", "content": "", "creation_timestamp": "2025-03-25T06:20:09.759264Z"}, {"uuid": "92e55308-ea8f-4333-9e29-4852daec30b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114168061125224055", "content": "", "creation_timestamp": "2025-03-15T19:19:23.586912Z"}, {"uuid": "59e4df82-21fe-46a9-a71a-e4e26220a673", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lkkxwzdzch2i", "content": "", "creation_timestamp": "2025-03-17T10:44:46.958652Z"}, {"uuid": "bd1ac5c6-7250-4a5c-8252-0e3076f4a85a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/chunkylumplump.bsky.social/post/3lkqiegsbf22q", "content": "", "creation_timestamp": "2025-03-19T15:21:55.087313Z"}, {"uuid": "6e8cc3e8-570a-4bc6-9a05-f3ae488abfee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-30066", "type": "seen", "source": "https://bsky.app/profile/tracyragan.bsky.social/post/3lklmhbeadx25", "content": "", "creation_timestamp": "2025-03-17T16:51:46.574770Z"}, {"uuid": "dc8dbb53-f3ab-449b-a706-63f6726ac708", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/hackread.bsky.social/post/3lklingqdss2v", "content": "", "creation_timestamp": "2025-03-17T15:43:41.130494Z"}, {"uuid": "5085628e-ff64-4ede-bfc3-bcbd6e3640c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/114186631339542690", "content": "", "creation_timestamp": "2025-03-19T02:02:05.962690Z"}, {"uuid": "11ebe3e8-ba42-4e16-9e35-32cb42bfbe5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3lkp53qxjvk2u", "content": "", "creation_timestamp": "2025-03-19T02:27:35.807144Z"}, {"uuid": "9c1dbacf-68f3-4413-a3bb-c9bc09a2cbea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lkpgirxp6z2a", "content": "", "creation_timestamp": "2025-03-19T05:15:53.389184Z"}, {"uuid": "d62512da-ba74-4b65-b277-c6806e24096c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/ehcgroup.bsky.social/post/3lkr2dclw622p", "content": "", "creation_timestamp": "2025-03-19T20:43:26.338520Z"}, {"uuid": "6ff31178-1e11-4b0b-b468-1b0bd4fa9536", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ll22lr3zerf2", "content": "", "creation_timestamp": "2025-03-23T10:42:21.836097Z"}, {"uuid": "3c382d49-d267-46d6-83f2-bc3e5cb40f5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/inmobi-info.bsky.social/post/3lmb5bnzsrw2l", "content": "", "creation_timestamp": "2025-04-07T23:43:58.378714Z"}, {"uuid": "affb6284-4868-4b3e-894d-cafd3f5f0fd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/opsmatters.bsky.social/post/3lkpdmnrjlm25", "content": "", "creation_timestamp": "2025-03-19T04:24:22.189181Z"}, {"uuid": "7425351e-c16c-4ae6-9b8a-262014208374", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/technews4869.bsky.social/post/3lkxpx4b36m2l", "content": "", "creation_timestamp": "2025-03-22T12:26:15.985563Z"}, {"uuid": "72c9c7e6-8137-420a-bf2a-602b2b778f41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-30066", "type": "seen", "source": "https://bsky.app/profile/deployhub.bsky.social/post/3lklmh2lffz2b", "content": "", "creation_timestamp": "2025-03-17T16:51:39.889721Z"}, {"uuid": "b702201f-ce75-4cd2-a2ec-ec2bc81c5e0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-30066", "type": "seen", "source": "https://bsky.app/profile/orteliusos.bsky.social/post/3lklmh63wi62j", "content": "", "creation_timestamp": "2025-03-17T16:51:43.362281Z"}, {"uuid": "7e52e8e2-55f2-45d7-9185-e91d453c0156", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/OpenSource.activitypub.awakari.com.ap.brid.gy/post/3lmhp3xkch7x2", "content": "", "creation_timestamp": "2025-04-10T14:18:59.382303Z"}, {"uuid": "4c28351d-6358-49a7-95f9-bc0bd2c8055c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/opsmatters.com/post/3lpkxmu5wlr2q", "content": "", "creation_timestamp": "2025-05-20T01:45:04.925310Z"}, {"uuid": "e4a8d5b9-c980-4881-8f25-867cea672883", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://gist.github.com/thomaspoignant/829f7538ef985d051d95cadadbc53700", "content": "", "creation_timestamp": "2025-05-02T15:25:03.000000Z"}, {"uuid": "44744ded-1803-4000-8b23-7671b922dd4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3logysdwspt2r", "content": "", "creation_timestamp": "2025-05-05T18:30:20.262842Z"}, {"uuid": "08f1ebc0-a055-4cdb-922a-dc4aaadb0ef1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:45.000000Z"}, {"uuid": "cd7a438f-4bbf-4622-8bca-5bd82097af73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:48:00.000000Z"}, {"uuid": "7b840458-d47a-4d79-99b4-ce44ad6ec289", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3majaqnsg5h2u", "content": "", "creation_timestamp": "2025-12-21T17:31:13.048403Z"}, {"uuid": "7cfcc868-9341-4463-aa7a-8dede0a6d0df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://gist.github.com/ktrysmt/c05bc7119370f4f297fd8d90757c6091", "content": "", "creation_timestamp": "2026-02-22T01:10:43.000000Z"}, {"uuid": "ab58acad-adba-4bd8-88ab-19825f7a500e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3majbdarlh22i", "content": "", "creation_timestamp": "2025-12-21T17:41:36.310554Z"}, {"uuid": "96ca87a2-b145-45b6-a3e4-634d80c8b89a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2025-30066", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/85eec58e-1219-4ae4-9bab-332b2647ea38", "content": "", "creation_timestamp": "2026-02-02T12:26:05.408027Z"}, {"uuid": "12277b0d-5f8c-4518-91a9-4c2c0fe1c3da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://gist.github.com/hdknr/5bbdc7bd98ff0dbdfde257d909d48d8c", "content": "", "creation_timestamp": "2026-03-05T05:57:14.000000Z"}, {"uuid": "13e16f3e-a01f-44d3-bc65-adabd978bd97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mklf6vqvpq2r", "content": "", "creation_timestamp": "2026-04-28T20:08:01.681422Z"}, {"uuid": "02e0de52-c2c2-4a76-82a3-9ccc6b95783c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7671", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30066\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: tj-actions changed-files through 45.0.7 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were not originally affected, but were modified by a threat actor to point at commit 0e58ed8, which contains the malicious updateFeatures code.)\n\ud83d\udccf Published: 2025-03-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-15T05:43:06.432Z\n\ud83d\udd17 References:\n1. https://github.com/github/docs/blob/962a1c8dccb8c0f66548b324e5b921b5e4fbc3d6/content/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions.md?plain=1#L191-L193\n2. https://github.com/tj-actions/changed-files/issues/2463\n3. https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised\n4. https://semgrep.dev/blog/2025/popular-github-action-tj-actionschanged-files-is-compromised/\n5. https://news.ycombinator.com/item?id=43368870", "creation_timestamp": "2025-03-15T05:47:12.000000Z"}, {"uuid": "cf287525-41f0-4256-aee5-609e3db1fadb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://gist.github.com/hiboma/8ac6a8d6a5b013096f344ca21ca08aca", "content": "", "creation_timestamp": "2026-04-01T05:00:10.000000Z"}, {"uuid": "c1988eea-3ea8-4283-8a75-449693e4a79e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/19646", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aTest CVE-2025-30066\nURL\uff1ahttps://github.com/OS-pedrogustavobilro/test-changed-files\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-03-27T18:05:31.000000Z"}, {"uuid": "9232db3e-082c-4ee5-91af-fd9cb141af91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "published-proof-of-concept", "source": "Telegram/uz3Ii5rPCysehEa9OU0_DuESJ8cYigCIC8uNS5druarIJng", "content": "", "creation_timestamp": "2025-03-17T16:00:09.000000Z"}, {"uuid": "6ce54c1c-6f96-48bd-9e40-caadb2f7fdbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://t.me/cvedetector/20364", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30066 - Tj-Actions Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30066 \nPublished : March 15, 2025, 6:15 a.m. | 1\u00a0hour, 36\u00a0minutes ago \nDescription : tj-actions changed-files through 45.0.7 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were not originally affected, but were modified by a threat actor to point at commit 0e58ed8, which contains the malicious updateFeatures code.) \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-15T09:26:16.000000Z"}, {"uuid": "2ae1445a-8880-4577-b98e-5928a938991c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "exploited", "source": "https://t.me/cibsecurity/83769", "content": "\ud83e\udd85 CISA Adds Two Critical Vulnerabilities (CVE-2025-24472 and CVE-2025-30066) to the Known Exploited Vulnerabilities Catalog \ud83e\udd85\n\nCyble CISA Adds Two Critical Vulnerabilities CVE202524472 and CVE202530066 to the Known Exploited Vulnerabilities Catalog \" dataimagecaption\"Cyble CISA Adds Two Critical Vulnerabilities CVE202524472 and CVE202530066 to the Known Exploited Vulnerabilities Catalog \" datamediumfile\"httpscyble.comwpcontentuploads202503CybleBlogsCISACVE202524472300x150.png\" datalargefile\"httpscyble.comwpcontentuploads202503CybleBlogsCISACVE2025244721024x512.png\" title\"CISA Adds Two Critical Vulnerabilities CVE202524472 and CVE202530066 to the Known Exploited Vulnerabilities Catalog 1\"  Overview     The Cybersecurity and Infrastructure Security Agency CISA has recently added two major vulnerabilities to its Known Exploited Vulnerabilities Catalog due to evidence of active exploitation. These vulnerabilities, ...\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"CYBLE\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2025-03-19T15:02:43.000000Z"}, {"uuid": "964c9b29-8567-4d8f-86f7-3b7e7a4e645d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "exploited", "source": "Telegram/EYqwvZ7L5VFMmfCIJHFN2QnCetWyBG0SU4L3U7DtBpGGdA", "content": "", "creation_timestamp": "2025-03-21T10:27:03.000000Z"}, {"uuid": "6a093bc3-b3d1-4a64-aad2-635cc1b7662e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "published-proof-of-concept", "source": "Telegram/FOz4rd7XuutkjQXbcIrCTHy3zJGbsBsUj-O6IEGiQu3y4sE", "content": "", "creation_timestamp": "2025-03-15T07:00:26.000000Z"}, {"uuid": "d441d36f-931c-4ecc-8f0d-befe93cb197f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "exploited", "source": "https://t.me/claytechsolution/252", "content": "The Hacker News\nCISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a vulnerability linked to the supply chain compromise of the GitHub Action, tj-actions/changed-files, to its Known Exploited Vulnerabilities (KEV) catalog.\nThe high-severity flaw, tracked as CVE-2025-30066 (CVSS score: 8.6), involves the breach of the GitHub Action to inject malicious code that enables a remote", "creation_timestamp": "2025-03-19T08:47:37.000000Z"}, {"uuid": "b65d56af-77b7-44aa-8ed4-a70761bbc666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://t.me/CyberBulletin/2641", "content": "\u26a1Popular GitHub Action \u201ctj-actions/changed-files\u201d Compromised (CVE-2025-30066).\n\n#CyberBulletin", "creation_timestamp": "2025-03-16T09:45:39.000000Z"}, {"uuid": "654c9297-ff4e-4bf0-a89a-751850dfb2d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "exploited", "source": "Telegram/EI-xkUA6CHxoU0INo2rmdUIZDmCbkoA5I3OJzlMQPdIyMQ", "content": "", "creation_timestamp": "2025-03-19T07:20:30.000000Z"}, {"uuid": "afbffa18-9db7-4e43-878e-feaf9c2be319", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "published-proof-of-concept", "source": "Telegram/3ZjmZbxq3HNmCMq1qwcNBbhaNpORE_O2rzLvzBK7gqIu8XA", "content": "", "creation_timestamp": "2025-03-19T08:00:09.000000Z"}, {"uuid": "69786f1e-a1f4-415c-9332-406f2b390e21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "Telegram/Okmx1F9Jo1J3yfRabNJBgs_VmLY1ma9TMNpGFy5-li84i7g", "content": "", "creation_timestamp": "2025-03-19T20:05:38.000000Z"}, {"uuid": "db3e80a2-b6a2-49a0-8967-b9a7fb8b574e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://t.me/true_secator/6845", "content": "\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043b \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0439 GitHub Action \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a, \u0434\u043e\u0431\u0430\u0432\u0438\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434, \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 \u0441\u0435\u043a\u0440\u0435\u0442\u044b, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043d\u0435\u043f\u0440\u0435\u0440\u044b\u0432\u043d\u043e\u0439 \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u0435\u0439 \u0438 \u043d\u0435\u043f\u0440\u0435\u0440\u044b\u0432\u043d\u043e\u0439 \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u043e\u0439 (CI/CD).\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c StepSecurity, \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442 \u043d\u0430\u0447\u0430\u043b\u0441\u044f\u00a014 \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u0435\u043b \u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b\u00a0tj-actions/changed-files\u00a0(\u0434\u0430\u043b\u0435\u0435 - Changed-Files), \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0439 \u0434\u043b\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u043e\u0432 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0432 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c \u0432 23 000 \u043f\u0440\u043e\u0435\u043a\u0442\u043e\u0432 GitHub.\n\nAction \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u043a\u043e\u043d\u0432\u0435\u0439\u0435\u0440\u0430\u0445 CI/CD \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0434\u0440\u0443\u0433\u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a\u0438\u0435 \u0444\u0430\u0439\u043b\u044b \u0431\u044b\u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u044b. \u042d\u0442\u043e \u0431\u0430\u0437\u043e\u0432\u044b\u0439, \u043d\u043e \u043e\u0447\u0435\u043d\u044c \u0432\u0430\u0436\u043d\u044b\u0439 \u0441\u043a\u0440\u0438\u043f\u0442 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0441\u0442\u0430\u043b \u043e\u0434\u043d\u0438\u043c \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 GitHub.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0438\u0437\u043c\u0435\u043d\u0438\u043b \u043a\u043e\u0434 Changed-files \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0430 Python, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u044b\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0441\u0435\u043a\u0440\u0435\u0442\u044b CI/CD \u0438\u0437 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 Runner Worker.\n\n\u041f\u043e\u043a\u0430 \u043d\u0435\u044f\u0441\u043d\u043e, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0432\u0437\u043b\u043e\u043c\u0430\u043b Changed-Files, \u043d\u043e, \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u0443\u0432 \u0432\u043d\u0443\u0442\u0440\u044c, \u043e\u043d \u0434\u043e\u0431\u0430\u0432\u0438\u043b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u043a\u0430\u0436\u0434\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f, \u0430 \u044d\u0442\u043e \u0437\u043d\u0430\u0447\u0438\u0442, \u0447\u0442\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 \u0441\u0442\u0430\u0440\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438, \u0442\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b.\n\n\u0421\u0435\u043a\u0440\u0435\u0442\u044b \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0442\u0441\u044f \u0432 \u0436\u0443\u0440\u043d\u0430\u043b \u0441\u0431\u043e\u0440\u043a\u0438 \u043f\u0440\u043e\u0435\u043a\u0442\u0430 (build log), \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0434\u043b\u044f \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u044b\u0445 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0440\u0438\u0441\u043a \u0443\u0442\u0435\u0447\u043a\u0438 \u043d\u0438\u0436\u0435, \u0430 \u0432\u043e\u0442 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u043c \u043f\u0440\u043e\u0435\u043a\u0442\u0430\u043c \u0442\u0435\u043f\u0435\u0440\u044c \u043d\u0443\u0436\u043d\u043e \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 \u0440\u043e\u0442\u0430\u0446\u0438\u044e \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, StepSecurity \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430 \u043e\u0431 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0438 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0443\u0442\u0435\u0447\u043a\u0430 \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432 \u0431\u044b\u043b\u0430 \u043a\u0430\u043a-\u043b\u0438\u0431\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430.\n\n\u0411\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0442\u0435\u0433\u043e\u0432 \u0432\u0435\u0440\u0441\u0438\u0439 Changed-files \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u044b \u0434\u043b\u044f \u0443\u043a\u0430\u0437\u0430\u043d\u0438\u044f \u043d\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u043c\u043c\u0438\u0442.\u00a0\u042d\u0442\u043e\u043c\u0443 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0443 \u0431\u044b\u043b \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d\u00a0 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u00a0CVE-2025-30066.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Endor Labs \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u0441\u043b\u0435\u0434\u0438\u043b\u0438 \u044d\u0442\u043e\u0442 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442 \u0438 \u043d\u0435 \u043d\u0430\u0448\u043b\u0438 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0431\u044b\u043b\u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u0438\u043b\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u044b.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u043d\u0435 \u0438\u0441\u043a\u0430\u043b \u0441\u0435\u043a\u0440\u0435\u0442\u044b \u0432 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u0445 - \u043e\u043d\u0438 \u0443\u0436\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u0447\u0435\u043d\u044b. \u0421\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u0445\u043e\u0442\u0435\u043b \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a \u041f\u041e \u0434\u043b\u044f \u0434\u0440\u0443\u0433\u0438\u0445 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u0434\u0432\u043e\u0438\u0447\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u0430\u0440\u0442\u0435\u0444\u0430\u043a\u0442\u043e\u0432, \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435.\n\n\u041b\u044e\u0431\u043e\u0439 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u043f\u0430\u043a\u0435\u0442\u044b \u0438\u043b\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u044b \u043a\u0430\u043a \u0447\u0430\u0441\u0442\u044c \u043a\u043e\u043d\u0432\u0435\u0439\u0435\u0440\u0430 CI, \u043c\u043e\u0433 \u0431\u044b\u0442\u044c \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442. \u042d\u0442\u043e \u043e\u0437\u043d\u0430\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e 1000 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u044d\u0442\u043e \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c, \u0438\u043c\u0435\u044e\u0449\u0438\u043c \u043a\u0430\u043a \u0447\u0430\u0441\u0442\u043d\u044b\u0435, \u0442\u0430\u043a \u0438 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438. \u0415\u0441\u043b\u0438 \u044d\u0442\u0438 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0441\u0435\u043a\u0440\u0435\u0442\u044b \u043a\u043e\u043d\u0432\u0435\u0439\u0435\u0440\u0430 CI/CD \u0434\u043b\u044f \u0440\u0435\u0435\u0441\u0442\u0440\u043e\u0432 \u0430\u0440\u0442\u0435\u0444\u0430\u043a\u0442\u043e\u0432 \u0438\u043b\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432.\n\n15 \u043c\u0430\u0440\u0442\u0430 GitHub \u0443\u0434\u0430\u043b\u0438\u043b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 tj-actions/changed-files \u0438 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b \u0435\u0433\u043e \u0432 \u0442\u043e\u0442 \u0436\u0435 \u0434\u0435\u043d\u044c \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u043c\u043c\u0438\u0442 \u0431\u044b\u043b \u0443\u0434\u0430\u043b\u0435\u043d \u0438\u0437 \u0432\u0441\u0435\u0445 \u0442\u0435\u0433\u043e\u0432 \u0438 \u0432\u0435\u0442\u043e\u043a.\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Tj-actions \u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0438\u0441\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c\u0438, IoC \u0438 \u043c\u0435\u0440\u0430\u043c\u0438 \u043f\u043e \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u043d\u0430 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u044b.\u00a0\n\n\u041f\u043e \u043f\u043e\u0432\u043e\u0434\u0443 \u044d\u0442\u043e\u0433\u043e \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430 \u0432\u044b\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u043b\u0438\u0441\u044c \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u0438\u044f: \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043b\u0430\u0433\u0430\u043b\u0438, \u0447\u0442\u043e \u044d\u0442\u043e \u043c\u043e\u0433\u043b\u0430 \u0431\u044b\u0442\u044c \u0430\u0442\u0430\u043a\u0430, \u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u043d\u0430\u044f \u043d\u0435\u043e\u043f\u044b\u0442\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c, \u0438\u043b\u0438 \u044d\u0442\u043e \u0431\u044b\u043b\u0430 \u043f\u0440\u043e\u0441\u0442\u0430\u044f \u043f\u043e\u043f\u044b\u0442\u043a\u0430 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043e\u0441\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0440\u0438\u0441\u043a\u0430\u0445.\n\n\u0412 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u043e\u0434\u0438\u043d \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043e\u0442\u043c\u0435\u0442\u0438\u043b, \u0447\u0442\u043e \u0435\u0449\u0435 \u0433\u043e\u0434 \u043d\u0430\u0437\u0430\u0434 \u043e\u043d \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b \u0442\u0435\u043e\u0440\u0435\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 \u0430\u0442\u0430\u043a\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 tj-actions/changed-files.", "creation_timestamp": "2025-03-17T12:42:59.000000Z"}, {"uuid": "5bc3f2f7-a6ab-4ef7-82e1-12b645989f48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "published-proof-of-concept", "source": "Telegram/Bv88UFAs2S-bfkt5nVJnWnNXs0wqmAKkroALbyJD8-4KcaQ", "content": "", "creation_timestamp": "2025-03-15T21:28:09.000000Z"}, {"uuid": "84d2c005-d3f3-42e9-bf03-85b8e188b5af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://t.me/ctinow/232486", "content": "Supply Chain Compromise of Third-Party GitHub Action, CVE-2025-30066\nhttps://ift.tt/Pvabw73", "creation_timestamp": "2025-03-18T20:49:44.000000Z"}, {"uuid": "d777bf5e-ec21-4d3e-a1dd-6712f3cd4974", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11941", "content": "#exploit\n1. CVE-2024-7014:\nTelegram EvilVideo Vulnerability\nhttps://github.com/absholi7ly/PoC-for-CVE-2024-7014-Exploit\n\n2. CVE-2025-30066:\nEmbedded Malicious Code\n(\"tj-actions/changed-files\" Attack)\nhttps://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised\n\n3. CVE-2024-0406:\nPath Traversal in mholt/archiver\nhttps://github.com/walidpyh/CVE-2024-0406-POC", "creation_timestamp": "2025-03-18T15:37:05.000000Z"}, {"uuid": "03043af1-ff05-4e60-ac31-09b6a0a70db3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "exploited", "source": "https://t.me/thehackernews/6515", "content": "\ud83d\udea8 GitHub Actions are under attack!\n\nA supply chain attack hit tj-actions/changed-files, leaking AWS keys, GitHub PATs &amp; more. CISA confirms active exploitation.\n\n\ud83d\udd39 CVE-2025-30066 (CVSS 8.6)\n\ud83d\udd39 Attack spread via another compromised Action\n\ud83d\udd39 Sensitive secrets exposed via logs\n\nDetails: https://thehackernews.com/2025/03/cisa-warns-of-active-exploitation-in.html\n\n\u26a0\ufe0f Rotate secrets, audit workflows, pin actions to commits\u2014this won\u2019t be the last attack.", "creation_timestamp": "2025-03-19T06:10:48.000000Z"}, {"uuid": "52af4ce3-5303-4496-b2c0-6e1935b8465c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "exploited", "source": "https://t.me/thehackernews/6538", "content": "\ud83d\udea8 Coinbase dodged a bullet\u2014but 218 repos weren\u2019t so lucky.\n\nA GitHub supply chain attack hijacked tj-actions/changed-files, leaking secrets from 200+ projects.\n\n\ud83d\udd0d CVE-2025-30066 + CVE-2025-30154 | CVSS 8.6\n\ud83c\udfaf Targets: DockerHub, npm, AWS creds\n\ud83d\udd75\ufe0f\u200d\u2642\ufe0f Tactics: Fork PRs, dangling commits, burner GitHub accounts\n\nThis isn\u2019t just a glitch. It\u2019s a playbook for future CI/CD attacks.\n\nWhy it matters now? Thousands still trust infected actions. The exploit may be gone\u2014but the method isn\u2019t.\n\n\ud83d\udd17 Dig deeper before your next push: https://thehackernews.com/2025/03/github-supply-chain-breach-coinbase.html", "creation_timestamp": "2025-03-23T06:33:21.000000Z"}, {"uuid": "8df01ddd-8c1b-45de-94bb-06a01467bd26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "seen", "source": "https://t.me/S_E_Reborn/5486", "content": "\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043b \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0439 GitHub Action \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a, \u0434\u043e\u0431\u0430\u0432\u0438\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434, \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 \u0441\u0435\u043a\u0440\u0435\u0442\u044b, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043d\u0435\u043f\u0440\u0435\u0440\u044b\u0432\u043d\u043e\u0439 \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u0435\u0439 \u0438 \u043d\u0435\u043f\u0440\u0435\u0440\u044b\u0432\u043d\u043e\u0439 \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u043e\u0439 (CI/CD).\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c StepSecurity, \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442 \u043d\u0430\u0447\u0430\u043b\u0441\u044f\u00a014 \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u0435\u043b \u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b\u00a0tj-actions/changed-files\u00a0(\u0434\u0430\u043b\u0435\u0435 - Changed-Files), \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0439 \u0434\u043b\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u043e\u0432 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0432 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c \u0432 23 000 \u043f\u0440\u043e\u0435\u043a\u0442\u043e\u0432 GitHub.\n\nAction \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u043a\u043e\u043d\u0432\u0435\u0439\u0435\u0440\u0430\u0445 CI/CD \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0434\u0440\u0443\u0433\u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a\u0438\u0435 \u0444\u0430\u0439\u043b\u044b \u0431\u044b\u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u044b. \u042d\u0442\u043e \u0431\u0430\u0437\u043e\u0432\u044b\u0439, \u043d\u043e \u043e\u0447\u0435\u043d\u044c \u0432\u0430\u0436\u043d\u044b\u0439 \u0441\u043a\u0440\u0438\u043f\u0442 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0441\u0442\u0430\u043b \u043e\u0434\u043d\u0438\u043c \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 GitHub.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0438\u0437\u043c\u0435\u043d\u0438\u043b \u043a\u043e\u0434 Changed-files \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0430 Python, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u044b\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0441\u0435\u043a\u0440\u0435\u0442\u044b CI/CD \u0438\u0437 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 Runner Worker.\n\n\u041f\u043e\u043a\u0430 \u043d\u0435\u044f\u0441\u043d\u043e, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0432\u0437\u043b\u043e\u043c\u0430\u043b Changed-Files, \u043d\u043e, \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u0443\u0432 \u0432\u043d\u0443\u0442\u0440\u044c, \u043e\u043d \u0434\u043e\u0431\u0430\u0432\u0438\u043b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u043a\u0430\u0436\u0434\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f, \u0430 \u044d\u0442\u043e \u0437\u043d\u0430\u0447\u0438\u0442, \u0447\u0442\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 \u0441\u0442\u0430\u0440\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438, \u0442\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b.\n\n\u0421\u0435\u043a\u0440\u0435\u0442\u044b \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0442\u0441\u044f \u0432 \u0436\u0443\u0440\u043d\u0430\u043b \u0441\u0431\u043e\u0440\u043a\u0438 \u043f\u0440\u043e\u0435\u043a\u0442\u0430 (build log), \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0434\u043b\u044f \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u044b\u0445 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0440\u0438\u0441\u043a \u0443\u0442\u0435\u0447\u043a\u0438 \u043d\u0438\u0436\u0435, \u0430 \u0432\u043e\u0442 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u043c \u043f\u0440\u043e\u0435\u043a\u0442\u0430\u043c \u0442\u0435\u043f\u0435\u0440\u044c \u043d\u0443\u0436\u043d\u043e \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 \u0440\u043e\u0442\u0430\u0446\u0438\u044e \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, StepSecurity \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430 \u043e\u0431 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0438 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0443\u0442\u0435\u0447\u043a\u0430 \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432 \u0431\u044b\u043b\u0430 \u043a\u0430\u043a-\u043b\u0438\u0431\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430.\n\n\u0411\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0442\u0435\u0433\u043e\u0432 \u0432\u0435\u0440\u0441\u0438\u0439 Changed-files \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u044b \u0434\u043b\u044f \u0443\u043a\u0430\u0437\u0430\u043d\u0438\u044f \u043d\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u043c\u043c\u0438\u0442.\u00a0\u042d\u0442\u043e\u043c\u0443 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0443 \u0431\u044b\u043b \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d\u00a0 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u00a0CVE-2025-30066.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Endor Labs \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u0441\u043b\u0435\u0434\u0438\u043b\u0438 \u044d\u0442\u043e\u0442 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442 \u0438 \u043d\u0435 \u043d\u0430\u0448\u043b\u0438 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0431\u044b\u043b\u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u0438\u043b\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u044b.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u043d\u0435 \u0438\u0441\u043a\u0430\u043b \u0441\u0435\u043a\u0440\u0435\u0442\u044b \u0432 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u0445 - \u043e\u043d\u0438 \u0443\u0436\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u0447\u0435\u043d\u044b. \u0421\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u0445\u043e\u0442\u0435\u043b \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a \u041f\u041e \u0434\u043b\u044f \u0434\u0440\u0443\u0433\u0438\u0445 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u0434\u0432\u043e\u0438\u0447\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u0430\u0440\u0442\u0435\u0444\u0430\u043a\u0442\u043e\u0432, \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435.\n\n\u041b\u044e\u0431\u043e\u0439 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u043f\u0430\u043a\u0435\u0442\u044b \u0438\u043b\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u044b \u043a\u0430\u043a \u0447\u0430\u0441\u0442\u044c \u043a\u043e\u043d\u0432\u0435\u0439\u0435\u0440\u0430 CI, \u043c\u043e\u0433 \u0431\u044b\u0442\u044c \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442. \u042d\u0442\u043e \u043e\u0437\u043d\u0430\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e 1000 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u044d\u0442\u043e \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c, \u0438\u043c\u0435\u044e\u0449\u0438\u043c \u043a\u0430\u043a \u0447\u0430\u0441\u0442\u043d\u044b\u0435, \u0442\u0430\u043a \u0438 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438. \u0415\u0441\u043b\u0438 \u044d\u0442\u0438 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0441\u0435\u043a\u0440\u0435\u0442\u044b \u043a\u043e\u043d\u0432\u0435\u0439\u0435\u0440\u0430 CI/CD \u0434\u043b\u044f \u0440\u0435\u0435\u0441\u0442\u0440\u043e\u0432 \u0430\u0440\u0442\u0435\u0444\u0430\u043a\u0442\u043e\u0432 \u0438\u043b\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432.\n\n15 \u043c\u0430\u0440\u0442\u0430 GitHub \u0443\u0434\u0430\u043b\u0438\u043b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 tj-actions/changed-files \u0438 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b \u0435\u0433\u043e \u0432 \u0442\u043e\u0442 \u0436\u0435 \u0434\u0435\u043d\u044c \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u043c\u043c\u0438\u0442 \u0431\u044b\u043b \u0443\u0434\u0430\u043b\u0435\u043d \u0438\u0437 \u0432\u0441\u0435\u0445 \u0442\u0435\u0433\u043e\u0432 \u0438 \u0432\u0435\u0442\u043e\u043a.\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Tj-actions \u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0438\u0441\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c\u0438, IoC \u0438 \u043c\u0435\u0440\u0430\u043c\u0438 \u043f\u043e \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u043d\u0430 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u044b.\u00a0\n\n\u041f\u043e \u043f\u043e\u0432\u043e\u0434\u0443 \u044d\u0442\u043e\u0433\u043e \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430 \u0432\u044b\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u043b\u0438\u0441\u044c \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u0438\u044f: \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043b\u0430\u0433\u0430\u043b\u0438, \u0447\u0442\u043e \u044d\u0442\u043e \u043c\u043e\u0433\u043b\u0430 \u0431\u044b\u0442\u044c \u0430\u0442\u0430\u043a\u0430, \u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u043d\u0430\u044f \u043d\u0435\u043e\u043f\u044b\u0442\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c, \u0438\u043b\u0438 \u044d\u0442\u043e \u0431\u044b\u043b\u0430 \u043f\u0440\u043e\u0441\u0442\u0430\u044f \u043f\u043e\u043f\u044b\u0442\u043a\u0430 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043e\u0441\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0440\u0438\u0441\u043a\u0430\u0445.\n\n\u0412 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u043e\u0434\u0438\u043d \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043e\u0442\u043c\u0435\u0442\u0438\u043b, \u0447\u0442\u043e \u0435\u0449\u0435 \u0433\u043e\u0434 \u043d\u0430\u0437\u0430\u0434 \u043e\u043d \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b \u0442\u0435\u043e\u0440\u0435\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 \u0430\u0442\u0430\u043a\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 tj-actions/changed-files.", "creation_timestamp": "2025-03-17T12:43:30.000000Z"}, {"uuid": "12607723-dee6-41c5-ab75-da3615642563", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11969", "content": "#tools\n#Blue_Team_Techniques\n1. Static Analysis of GUID Encoded Shellcode\nhttps://isc.sans.edu/diary/Static+Analysis+of+GUID+Encoded+Shellcode/31774\n2. Sigma Rule for CVE-2025-29927 (Next.js) Detection\nhttps://github.com/elshaheedy/CVE-2025-29927-Sigma-Rule\n]-&gt; Nuclei template\n3. CVE-2025-30066 Detection Tool\nhttps://github.com/Checkmarx/Checkmarx-CVE-2025-30066-Detection-Tool", "creation_timestamp": "2025-03-26T02:17:15.000000Z"}, {"uuid": "ca53256f-b840-465e-a472-ca436f4eae8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30066", "type": "published-proof-of-concept", "source": "https://t.me/haj3imad/1422", "content": "https://github.com/Checkmarx/Checkmarx-CVE-2025-30066-Detection-Tool\n\nCheckmarx-CVE-2025-30066-Detection-Tool\n#github #exploit", "creation_timestamp": "2025-03-28T12:34:12.000000Z"}]}