Threat actors are exploiting a vulnerability in Gitea’s reverse-proxy authentication mechanism to access internet-accessible instances by supplying only a valid username.
EvilTokens uses AES-GCM encrypted HTML and Microsoft Device Code Phishing to hide Microsoft 365 account takeover pages until ...
A Gitea Docker vulnerability disclosed last month is now drawing real attacker interest, and it is easy to see why. CVE-2026-20896, rated 9.8 out of 10 on the CVSS scale, let anyone who could reach a ...
Dialogflow CX 'Rogue Agent' Flaw Enabled AI Chatbot Data Theft Varonis reported the flaw to Google in late 2025 and it has been addressed, but it reminds defenders to take a fresh look at their AI ...
The GHDB is an index of search queries (we call them dorks) used to find publicly available information, intended for pentesters and security researchers. - readloud/Google-Hacking-Database ...