Posts

Featured

🔥 Unpatched Zero-Days Dropped Publicly & Chrome's Sandbox Shattered in a Single Bug

Two critical threats landed today that every organization using Chrome or open-source dev tools needs to know about immediately — one involves unpatched zero-days dropped into the open with no warning, the other punches through Chrome's security sandbox with a single flaw.

🗂️ Anonymous Hacker Publishes Unpatched Zero-Days — No Vendor Warning

An anonymous researcher going by "bikini" just dropped a GitHub repository called "exploitarium" containing working exploit write-ups for two unpatched vulnerabilities — without telling the software makers first. That's a big deal because it means attackers can use these exploits right now, with no fixes available. The two flaws are a remote code execution bug in libssh2 (a widely used SSH library) and an authentication bypass in Gitea, a popular self-hosted Git platform. In plain English: an attacker could potentially take over servers running these tools without needing a password. If your team uses Gitea for...

Latest Posts

27 Million Passwords Stolen — And Chrome Is About to Get Less Safe 🔐

27M Stolen Credentials Seized 🚨 + The Mac Malware That Tricks AI Security Tools

🦠 Malware Hides in Your Code Editor & 9 Million Hit by Fake Boots Emails

🚨 Malware Hiding in Code Editors & 8.9 Million Hit by Phishing Scam

FortiBleed Hits 30K Firewalls 🛡️ & A 27-Year-Old Lock with No Key 🐡

Cardiac Data Held Hostage & A Researcher Almost Hijacked the World Cup 🏥⚽

Council of Europe Hacked 🇪🇺 & Microsoft Copilot Used to Steal Your Data 💻

Splunk's Critical Pre-Auth RCE 💥 & a Hidden Flaw in AI Agents 🤖

450K Records Stolen at UK University 🎓 & a Sneaky Email Spoof Flaw 📧

Ivanti's Perfect-10 Bug 💥 & ServiceNow's Tenant Leak 🩹