OkoBot injects recovery phrase lures into Ledger and Trezor apps, targeting hundreds of Windows users across more than 25 ...
Approved marketing tags can load unvetted fourth-party scripts with access to forms, checkout fields, and customer data after ...
SonicWall says attackers are exploiting two SMA 1000 zero-days, including a code injection flaw that could enable ...
U.S. sanctions First VPN and two operators over ransomware support as the U.K. and E.U. target 24 Russian cyber actors and ...
LegacyHive is a PoC for a Windows ProfSvc privilege escalation flaw that works after the July 2026 update, but the public ...
Mozilla fixes two critical Firefox flaws with public exploit code as Google, Adobe, and Broadcom patch Chrome, ColdFusion, ...
Researchers found built-in privacy leaks in 85 browser wallets that can link addresses, survive logout, and expose users ...
SAP patches three critical flaws, including a 9.9 NetWeaver ABAP memory bug and default OAuth credentials that may expose ...
Two RabbitMQ flaws can expose OAuth secrets or queue metadata, with one potentially enabling full broker takeover in affected ...
Claude for Chrome v1.0.80 still accepts forged clicks from other extensions, triggering Gmail, Docs, and Calendar tasks ...
Pentera’s MCP Server gives AI assistants access to validated attack paths, helping teams prioritize exploitable risks and ...
JFrog finds 148 npm proxy packages turned student browsers into a DDoS botnet, while a mutable loader lets operators re-arm ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results