🔥 Unpatched Zero-Days Dropped Publicly & Chrome's Sandbox Shattered in a Single Bug
Two critical threats landed today that every organization using Chrome or open-source dev tools needs to know about immediately — one involves unpatched zero-days dropped into the open with no warning, the other punches through Chrome's security sandbox with a single flaw. 🗂️ Anonymous Hacker Publishes Unpatched Zero-Days — No Vendor Warning An anonymous researcher going by "bikini" just dropped a GitHub repository called "exploitarium" containing working exploit write-ups for two unpatched vulnerabilities — without telling the software makers first. That's a big deal because it means attackers can use these exploits right now, with no fixes available. The two flaws are a remote code execution bug in libssh2 (a widely used SSH library) and an authentication bypass in Gitea , a popular self-hosted Git platform. In plain English: an attacker could potentially take over servers running these tools without needing a password. If your team uses Gitea for...