At least some 300,000 machines reachable on the internet are vulnerable to a remote code execution vulnerability that appears to be rather easy to execute on all of those.
The vulnerable package is cups-browsed - a tool for printing - which does get installed by default on many desktop linux systems but who knows ... maybe you are running some media server with your bitcoin wallet and your printer reachable via the same RaspberryPi?
Check your machines. Android appears not to run cups but if you run Linux or Mac, you might want to double-check if you're one of the lucky 300,000 that get to update their system **now**.
https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/
WalletScrutiny
npub1j9…vuswx
2024-09-27 03:35:02
Author Public Key
npub1j9kttlc86w63emmldd4h74rekyqpksqup6p9trhp5gjsf374qlyszvuswxSeen on
wss://relay.damus.ioPublished at
2024-09-27 03:35:02Event JSON
{
"id": "33398daf3bdd1c8386b6386ba2eddcb3e557ba0ba20d07ba99df49f647a14a3e",
"pubkey": "916cb5ff07d3b51cef7f6b6b7f5479b1001b401c0e82558ee1a22504c7d507c9",
"created_at": 1727408102,
"kind": 1,
"tags": [
[
"client",
"noStrudel",
"31990:266815e0c9210dfa324c6cba3573b14bee49da4209a9456f9484e5106cd408a5:1686066542546"
]
],
"content": "At least some 300,000 machines reachable on the internet are vulnerable to a remote code execution vulnerability that appears to be rather easy to execute on all of those.\n\nThe vulnerable package is cups-browsed - a tool for printing - which does get installed by default on many desktop linux systems but who knows ... maybe you are running some media server with your bitcoin wallet and your printer reachable via the same RaspberryPi?\n\nCheck your machines. Android appears not to run cups but if you run Linux or Mac, you might want to double-check if you're one of the lucky 300,000 that get to update their system **now**.\n\nhttps://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/",
"sig": "0f52f3ffb03a7397e0c3c7d25586f2a2dc65b7f2603efb99c0b53390d78d4f56e402f7c67607977380bba050330a7d57987cb6c4c99d86ee2541e5dca269319e"
}