Issue #10 - AppSec Weekly 🛡️
Your go-to source for the latest in application security trends, tools, and insights!
AppSec Weekly
📰 TLDR AppSec Weekly 📰
🔒 GitHub’s tj-actions/changed-files breach spotlighted the dangers of mutable GitHub Action tags—Vet 1.9.8 now scans pinned commits to prevent supply chain attacks.
🪝 PassKeys are not unphishable: CVE-2024-9956 exposes a flaw where attackers hijack mobile browser intents via BLE, stealing credentials silently.
🐛 Expat patched CVE-2024-8176, fixing a 20+ year recursion vulnerability that risked denial-of-service via crafted XML inputs.
🛠️ Oxlint entered beta with 500+ lint rules and 2x faster JavaScript analysis, targeting large codebases with blazing speed.
🔬 Galois released GREASE, an open-source tool using symbolic execution to reveal hidden vulnerabilities in ELF binaries and LLVM bitcode.
🧠 LLM-powered security reviews gain traction, but challenges remain in benchmarking, edge case detection, and OSS adoption.
🌶️ 🌶️ This Week in AppSec World 🌶️ 🌶️
🔒 US Treasury Breach via PostgreSQL Zero-Day
On Dec 30th, a China-backed APT exploited a 9-year-old SQL injection zero-day in PostgreSQL, breaching US Treasury systems. The flaw stemmed from improper Unicode string handling in PQescapeStringInternal, allowing unescaped single quotes to slip through. Attackers leveraged BeyondTrust’s PAM software and psql command-line interface to execute system commands. This breach highlights how complex string encoding and legacy code paths can expose critical vulnerabilities—even in mature, heavily scrutinized software.
Google has released OSV-Scanner V2, a major update integrating OSV-SCALIBR for enhanced vulnerability scanning and remediation across source code, containers, and artifacts. The new version adds layer-aware container scanning, support for more ecosystems (Java, Python, Go, Node), and an interactive HTML output for clear vulnerability reporting. Guided remediation now extends to Maven pom.xml files, offering automated dependency updates for Java projects. Google plans to add reachability analysis, VEX support, and full filesystem accountability for containers later this year.
Security researcher Jakub Domeracki identified a bucket traversal flaw in google.cloud.storage.transfer_manager.upload_chunks_concurrently(). The bug allowed attackers to exploit unescaped user input in blob.name to perform path traversal (../bucket/object), potentially overwriting files or injecting malicious objects. Google patched the issue by applying the _quote() function to properly sanitize blob names, awarding $3,133.70 under its OSS VRP program. This highlights the importance of strict input validation, even in well-reviewed libraries.
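Why quoting the blob name closes the traversal, as an added example that is not the library's code: the URL template, host name and helper names are assumptions for illustration, and `urllib.parse.quote` stands in for the library's `_quote()`.

```python
import posixpath
from urllib.parse import quote, unquote, urlsplit

# Assumed request layout for illustration: https://<host>/<bucket>/<object>
URL_TEMPLATE = "https://storage.example.invalid/{bucket}/{blob}"


def build_url_unquoted(bucket, blob_name):
    """Models the flawed pattern: the blob name is interpolated as-is."""
    return URL_TEMPLATE.format(bucket=bucket, blob=blob_name)


def build_url_quoted(bucket, blob_name):
    """Models the fix: percent-encode every reserved character, '/' included."""
    return URL_TEMPLATE.format(bucket=bucket, blob=quote(blob_name, safe=""))


def effective_target(url):
    """Return (bucket, object) as seen after dot-segment removal
    (RFC 3986 section 5.2.4), which HTTP stacks commonly apply to paths."""
    path = posixpath.normpath(urlsplit(url).path)
    bucket, _, obj = path.lstrip("/").partition("/")
    return unquote(bucket), unquote(obj)


if __name__ == "__main__":
    # Constructed input: application-intended bucket plus a user-supplied name.
    bucket, name = "uploads", "../other-bucket/report.txt"
    for build in (build_url_unquoted, build_url_quoted):
        url = build(bucket, name)
        print(f"{build.__name__}: {url}")
        print(f"  lands in {effective_target(url)}")
```

With quoting, the name stays a single path segment, so the object is stored in the intended bucket under the literal name `../other-bucket/report.txt`.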
VoidZero’s Rust-based linter, Oxlint, enters beta with 502 built-in rules and speeds up linting by 2X over previous versions. Designed for large codebases, Oxlint scans Microsoft VSCode in under a second and Kibana in just over 3 seconds. The release introduces gradual ESLint migration via eslint-plugin-oxlint, expanded rule coverage (TypeScript, React, Next.js), and Astro/Svelte/Vue support. Future plans include custom plugin support and deeper IDE integrations as part of VoidZero’s mission to modernize JavaScript tooling.
Expat 2.7.0 patches a severe recursion flaw uncovered by Jann Horn of Google Project Zero, allowing attackers to trigger stack overflows via deeply nested XML entities. The vulnerability, dubbed a “linear billion laughs,” could lead to denial of service across systems using Expat’s XML parser. A collaborative 10-month effort involving Siemens, Linutronix, and Red Hat removed unsafe recursion, replacing it with safer iterative code. Expat maintainers urge all users and vendors to upgrade to 2.7.0 to avoid exploitation risks.
Researcher Tobia Righi discovered a vulnerability (CVE-2024-9956) allowing attackers within Bluetooth range to hijack PassKeys via FIDO:/ intents on mobile browsers. By tricking victims into navigating to malicious FIDO:/ URIs, attackers could initiate legitimate WebAuthn requests, capturing PassKeys and enabling account takeovers. Chrome, Safari, and Firefox mobile browsers were affected; fixes involved blocking FIDO:/ intent navigation from web pages. This critical finding demonstrates PassKeys phishing risks and highlights the need for stricter intent handling in mobile platforms.
I wrote a quick new post on "Digital Hygiene".
Basically there are some no-brainer decisions you can make in your life to dramatically improve the privacy and security of your computing and this post goes over some of them. Blog post link in the reply, but copy pasting below
— Andrej Karpathy (@karpathy)
5:14 PM • Mar 18, 2025
Noah Gregory reveals how NetAuthAgent’s unverified MIG message handling allowed attackers to exfiltrate file server credentials from macOS Keychain. The same flaw exposed iCloud API tokens, granting access to contacts, calendars, and remote Find My operations, including device lock/erase. Apple patched this in macOS Sequoia 15.1, Sonoma 14.7.1, and Ventura 13.7.1 (Oct 2024). Users on older versions should update immediately. Key takeaway: unprotected legacy MIG servers remain a significant attack surface in macOS—more discoveries likely coming soon.
🤖 This Week in AI Security 🤖
I explore how large language models (LLMs) outperform traditional SAST tools by reducing false positives and uncovering hidden vulnerabilities. Key challenges include mathematically validating LLM findings and mitigating missed edge cases through additional context and fine-tuning. The post highlights techniques like AST parsing, code navigation, and multi-shot prompting to enhance LLM-assisted security reviews. Despite their effectiveness, LLMs remain underutilized in OSS security—though teams like XBOW Security and Google’s Project Zero are advancing the space.
Zachary Huang breaks down LLM-powered agents in his beginner-friendly guide, showing they’re just decision graphs with nodes, actions, and loops. Using PocketFlow, a lightweight 100-line framework, he demonstrates how to build a simple research agent that searches the web and answers questions. The tutorial emphasizes clarity over complexity, helping beginners grasp agent workflows without heavy abstractions. Key takeaway: no matter how complex an agent framework looks, it’s all about decision-making loops and branching actions.
🏆 AppSec Tools of The Week 🏆
CodePathfinder playground is an open-source, online hosted tool for querying your source code using CodeQL queries. You can generate AST graphs of your source code, then query them directly and filter the results.
Mobile Verification Toolkit (MVT) is a tool to facilitate the consensual forensic analysis of Android and iOS devices, for the purpose of identifying traces of compromise.
🔎 Detection Studio is a privacy-focused, browser-based tool that converts Sigma rules into SIEM-specific queries (Splunk, ES|QL, Loki).
⚡ It runs entirely client-side using pySigma + Pyodide, with support for pipelines, filters, and persistent workspaces.
🛠️ Share, export, and manage detection rules easily—paving the way for Detection-as-Code workflows in SOC environments.
Galois introduces GREASE, an open-source under-constrained symbolic execution tool for analyzing binaries and spotting elusive vulnerabilities. Supporting ELF binaries and LLVM bitcode, GREASE integrates with Ghidra and Binary Ninja, offering advanced symbolic memory operations. It successfully detected real-world issues like CVE-2018-13785 in libpng, showcasing its effectiveness in binary security analysis. GREASE aims to complement fuzzers and tools like angr, providing broader input space coverage and deeper bug discovery capabilities.
🚀 Vet 1.9.8 now supports scanning GitHub Actions code, addressing risks from mutable tags like in the recent tj-actions/changed-files attack. It ensures secure analysis by resolving commit SHAs before scanning, protecting against supply chain threats.
And that’s a wrap for this week! If you enjoy this curated issue, feel free to forward or share it with your appsec folks, team, hackerclub. For feedback, hugs, bugs or chats drop an email to [email protected]