ioc[.]one - OSINT Cyber Threat Intelligence Database

Careful Where You Code: Multiple Vulnerabilities in AI-Powered PR-Agent

Tags

country:	Laos
attack-pattern:	Data Code Repositories - T1213.003 Code Repositories - T1593.003 Credentials - T1589.001 Cron - T1053.003 Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Vulnerabilities - T1588.006 Sudo - T1169

Show in Graph

Common Information

Type	Value
UUID	a1d08560-fa19-40b4-9bee-ebca44cac186
Fingerprint	be8455110f039a88
Analysis status	DONE
Considered CTI value	0
Text language
Published	Aug. 29, 2024, 10:13 a.m.
Added to db	Aug. 31, 2024, 4:43 a.m.
Last updated	Nov. 17, 2024, 7:44 p.m.
Headline	Careful Where You Code: Multiple Vulnerabilities in AI-Powered PR-Agent
Title	Careful Where You Code: Multiple Vulnerabilities in AI-Powered PR-Agent
Detected Hints/Tags/Attributes	72/2/36

Source URLs

	Redirection	Url
Details	Source	https://research.kudelskisecurity.com/2024/08/29/careful-where-you-code-multiple-vulnerabilities-in-ai-powered-pr-agent/

URL Provider

Details	Provider	Source level domain
Details	kudelskisecurity.com	research.kudelskisecurity.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	205	✔	Kudelski Security Research	https://research.kudelskisecurity.com/feed/	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	67	gitlab.com
Details	Domain	27	api.github.com
Details	Domain	1	foobar.openai.azure.com
Details	Domain	2	openai.azure.com
Details	Domain	26	crates.io
Details	Domain	8	build.rs
Details	Domain	138	setup.py
Details	Domain	3	registry-1.docker.io
Details	Domain	3	auth.docker.io
Details	Domain	3	registry.docker.io
Details	Domain	98	requests.post
Details	Domain	3	uvicorn.run
Details	Domain	4127	github.com
Details	File	1	--some.key
Details	File	1	some.key
Details	File	1	gitlab.url
Details	File	1	--gitlab.url
Details	File	2	secrets.doc
Details	File	1	local.doc
Details	File	127	setup.py
Details	File	1	malicious_setup.py
Details	File	7	certificate.crt
Details	File	3	registry-1.doc
Details	File	3	auth.doc
Details	File	4	registry.doc
Details	File	7	r.json
Details	File	72	response.json
Details	IPv4	79	1.2.3.4
Details	IPv4	619	0.0.0.0
Details	IPv4	1	4.246.133.215
Details	Url	1	https://gitlab.com
Details	Url	2	https://api.github.com
Details	Url	1	http://1.2.3.4:80
Details	Url	1	https://some_name_to_guess.openai.azure.com
Details	Url	1	https://registry-1.docker.io/v2
Details	Url	1	https://auth.docker.io/token?account=username&client_id=docker&offline_token=true&service=registry.docker.io