vulnerabilities — LowEndSpirit https://staging.lowendspirit.com/index.php?p=/ Sun, 12 Apr 2026 02:32:21 +0000 en vulnerabilities — LowEndSpirit Important PSA - Codecov.IO Bash Uploader Security Update https://staging.lowendspirit.com/index.php?p=/discussion/2803/important-psa-codecov-io-bash-uploader-security-update Sat, 17 Apr 2021 18:12:21 +0000 General nullnothere 2803@/index.php?p=/discussions There has been a fairly serious backdoor implanted resulting in credential leakage.

If you use/have used their tool, please be sure to revoke/rotate your (relevant, affected) credentials immediately.

More information:

https://about.codecov.io/security-update/

Ars Technica has coverage here: https://arstechnica.com/gadgets/2021/04/backdoored-developer-tool-that-stole-credentials-escaped-notice-for-3-months/

]]> Cloudflare open-sources Flan Scan, a network vulnerability scanner https://staging.lowendspirit.com/index.php?p=/discussion/130/cloudflare-open-sources-flan-scan-a-network-vulnerability-scanner Fri, 22 Nov 2019 16:27:11 +0000 General ITLabs 130@/index.php?p=/discussions Cloudflare open sourced Flan Scan, its in-house lightweight network vulnerability scanner.

Flan Scan is a lightweight network vulnerability scanner. With Flan Scan you can easily find open ports on your network, identify services and their version, and get a list of relevant CVEs affecting your network.

Flan Scan is a wrapper over Nmap and the vulners script which turns Nmap into a full-fledged network vulnerability scanner. Flan Scan makes it easy to deploy Nmap locally within a container, push results to the cloud, and deploy the scanner on Kubernetes.

 
Ref.: https://blog.cloudflare.com/introducing-flan-scan/
Ref.: https://github.com/cloudflare/flan
 

Do you use any vulnerability scanner in your daily activities? Which one performs better in your opinion?

]]>