LastPass reports an active phishing campaign using fake maintenance emails and spoofed domains to trick users into revealing ...
A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized ...
North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...
Researchers found a LinkedIn phishing campaign delivering a remote access trojan via DLL sideloading, WinRAR SFX files, and ...
Experts reveal Evelyn Stealer malware abusing VS Code extensions to steal developer credentials, browser data, and ...
Three vulnerabilities in Anthropic’s MCP Git server allow prompt injection attacks that can read or delete files and, in some ...
Cloudflare patched an ACME HTTP-01 validation flaw that disabled WAF protections and let unauthorized requests reach origin ...
Scanning 5M apps uncovered 42K exposed secrets in JavaScript bundles, revealing major gaps in traditional SAST, DAST, and ...
Orphaned human and non-human accounts evade IAM controls, enabling breaches, compliance risk, and the need for continuous ...
Elliptic says Telegram-based Tudou Guarantee has stopped public transactions after handling $12B, amid arrests and ongoing global crypto scam crackdow ...
Researchers uncovered a CrashFix campaign where a fake Chrome ad blocker crashes browsers to trick users into installing the ...
StackWarp is a hardware flaw affecting AMD Zen 1–5 CPUs that allows privileged hosts to execute code inside SEV-SNP ...
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback