Aggregator
Upwind Finds Coordinated Supply Chain Campaign Compromising Multiple AsyncAPI npm Packages
Finland issues wanted notice for hacker behind massive psychotherapy data breach
Researchers Say Claude for Chrome Flaw Lets Rogue Extensions Trigger Gmail Reads
Fortinet Patches Seven Vulnerabilities Across FortiOS, FortiProxy, FortiPAM, and FortiSandbox
Fortinet disclosed seven new security advisories on July 14, 2026, affecting FortiOS, FortiProxy, FortiPAM, and FortiSandbox. The flaws range from low-severity header injection bugs to medium-severity buffer overflows and a notably concerning unauthenticated VNC exposure in FortiSandbox. While none carry a critical rating, several affect widely deployed enterprise firewall and proxy versions, making prompt patching […]
The post Fortinet Patches Seven Vulnerabilities Across FortiOS, FortiProxy, FortiPAM, and FortiSandbox appeared first on Cyber Security News.
Brazilian Health Council Conasems Allegedly Breached Again, 766,000 Users' Sensitive Data Leaked
Hackers Spoof 3.7 Million OAuth Client IDs to Stealthily Enumerate 2 Million Entra ID Users
Threat actors are increasingly exploiting spoofed OAuth client IDs to enumerate Microsoft Entra ID accounts and identify potentially valid credentials while evading traditional detection methods, according to recent research from Proofpoint. OAuth client IDs are globally unique identifiers assigned to registered applications. During authentication, an application submits its identifier through the client_id parameter. Microsoft Entra […]
The post Hackers Spoof 3.7 Million OAuth Client IDs to Stealthily Enumerate 2 Million Entra ID Users appeared first on Cyber Security News.
LabubaRAT Masquerades as NVIDIA Software to Control Windows Hosts
Tego AI Finds Claude Tag Slack Integration Can Trigger Unauthorized Enterprise Actions
Welsh Doxbin Administrator Jailed for Encouraging Swatting Attacks Across Three Countries
Claude for Chrome Vulnerability Lets Attackers Read Gmail, Docs, and Calendar Data
Anthropic’s Claude for Chrome browser extension has two unpatched flaws that allow attackers to read a victim’s Gmail, Google Docs, and Calendar data using just six lines of JavaScript, even after eight subsequent releases. Manifold researchers first reported the issues in May 2026, yet both remain reproducible in the latest v1.0.80, released July 7, 2026. […]
The post Claude for Chrome Vulnerability Lets Attackers Read Gmail, Docs, and Calendar Data appeared first on Cyber Security News.
Progress confirms ShareFile zero-day flaw behind Storage Zone shutdown
Frontier AI: The Genie's Out of the Bottle, but Where's the Rulebook?
SAP Patches Critical NetWeaver, AppRouter, and Commerce Cloud Vulnerabilities
Langflow Exploited to Build Custom DDoS Gafgyt Botnets
SecWiki News 2026-07-14 Review
更多最新文章,请访问SecWiki
ClickFix's Mushrooming Ecosystem Demands New Defense Tactics
Chaos
You must login to view this content