Security
Headlines
HeadlinesLatestCVEs

Tag

#web

Morocco Investigates Social Security Agency Data Leak

A threat actor has claimed responsibility for the alleged politically motivated attack and has uploaded the stolen data to a Dark Web forum.

DARKReading
Open in Source
#web
Homeland Security Email Tells a US Citizen to 'Immediately' Self-Deport

An email sent by the Department of Homeland Security instructs people in the US on a temporary legal status to leave the country. But who the email actually applies to—and who actually received it—is far from clear.

GHSA-f87w-3j5w-v58p: CefSharp affected by incorrect handle provided in unspecified circumstances in Mojo on Windows

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High) https://nvd.nist.gov/vuln/detail/CVE-2025-2783 https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html https://issues.chromium.org/issues/405143032

GHSA-vrq4-9hc3-cgp7: TigerVNC accessible via the network and not just via a UNIX socket as intended

## Summary `jupyter-remote-desktop-proxy` was meant to rely on UNIX sockets readable only by the current user since version 3.0.0, but when used with TigerVNC, the VNC server started by `jupyter-remote-desktop-proxy` were still accessible via the network. This vulnerability does not affect users having TurboVNC as the `vncserver` executable. ## Credits This vulnerability was identified by Arne Gottwald at University of Göttingen and analyzed, reported, and reviewed by @frejanordsiek.

GHSA-m454-3xv7-qj85: CVE-2025-1386- Query smuggling in ch-go library

### Impact When using the ch-go library, under a specific condition when the query includes a large, uncompressed malicious external data, it is possible for an attacker in control of such data to smuggle another query packet into the connection stream. ### Patches If you are using ch-go library, we recommend you to update to at least version 0.65.0. ### Credit This issue was found by lixts and reported through our bugcrowd program.

GHSA-2xm2-23ff-p8ww: Formie has XSS vulnerability for email notification content for preview

### Impact It is possible to inject malicious code into the HTML content of an email notification, which is then rendered on the preview. There is no issue when rendering the email via normal means (a delivered email). This would require access to the form's email notification settings. ### Patches This has been fixed in Formie 2.1.44. Users should ensure they are running at least this version.

Russia’s Storm-2372 Hits Orgs with MFA Bypass via Device Code Phishing

Russian APT group Storm-2372 employs device code phishing to bypass Multi-Factor Authentication (MFA). Targets include government, technology, finance,…

BentoML Vulnerability Allows Remote Code Execution on AI Servers

TL;DR: A critical deserialization vulnerability (CVSS 9.8 – CVE-2025-27520) in BentoML (v1.3.8–1.4.2) lets attackers execute remote code without…

Sex-Fantasy Chatbots Are Leaking a Constant Stream of Explicit Messages

Some misconfigured AI chatbots are pushing people’s chats to the open web—revealing sexual prompts and conversations that include descriptions of child sexual abuse.

SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps

Cybersecurity researchers have found that threat actors are setting up deceptive websites hosted on newly registered domains to deliver a known Android malware called SpyNote. These bogus websites masquerade as Google Play Store install pages for apps like the Chrome web browser, indicating an attempt to deceive unsuspecting users into installing the malware instead. "The threat actor utilized a