High-severity flaws in the Chainlit AI framework could allow attackers to steal files, leak API keys & perform SSRF attacks; ...
LastPass reports an active phishing campaign using fake maintenance emails and spoofed domains to trick users into revealing ...
A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized ...
Experts say the VoidLink Linux malware was largely built using AI, reaching 88,000 lines of code in days and highlighting faster malware development.
North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...
Researchers found a LinkedIn phishing campaign delivering a remote access trojan via DLL sideloading, WinRAR SFX files, and ...
Experts reveal Evelyn Stealer malware abusing VS Code extensions to steal developer credentials, browser data, and ...
Three vulnerabilities in Anthropic’s MCP Git server allow prompt injection attacks that can read or delete files and, in some ...
Cloudflare patched an ACME HTTP-01 validation flaw that disabled WAF protections and let unauthorized requests reach origin ...
Scanning 5M apps uncovered 42K exposed secrets in JavaScript bundles, revealing major gaps in traditional SAST, DAST, and ...
Orphaned human and non-human accounts evade IAM controls, enabling breaches, compliance risk, and the need for continuous ...
Researchers found an indirect prompt injection flaw in Google Gemini that bypassed Calendar privacy controls and exposed ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback