I got an email from Vercel urging me to upgrade a Next.js-based project 3 days ago. A PoC was published 2 days ago. Today I’ve checked my logs and I could already see attack attempts.

  • Mikina@programming.dev
    2 days ago

    Well, Element seems to still be running at the unupdated version even after the update, so I’m just shutting the server down.

    I’m bummed that it took me 5 days to learn about it. Does anyone have some tips on how to get early warnings for techs you’re using? I’m guessing there’s a way with npm.

    Also, does anyone have some tips on how to properly compromise-check your server? I’m guessing there are logs to check for compromise, and you audit your startup scripts for persistence? Any tools that could help with that?

    • Gamma@beehaw.org
      1 day ago

      Renovate can flag CVEs in its pull requests, if you just want to check versions