New Gogs zero-day flaw lets hackers get remote code execution
…This critical severity argument injection security flaw has yet to be assigned a CVE ID, affects the latest release versions (Gogs 0.14.2 and 0.15.0+dev), and can only…
…cybersecurity company publicly disclosed it following a lack of response to multiple status updates, the Gogs maintainers released version 0.14.3 on June 7 to patch this flaw and requested a…
…Instead of sending a response, the server periodically sends tiny WINDOW_UPDATE frames to avoid timeouts. In this scenario, the requests are never fully completed, and the allocated memory keeps growing without…
…In the long term, to mitigate the risk from similar attacks, consider enforcing lockfile-only installs, which should prevent auto/silent package updates. UPDATE [08:36 EST]: Added information from Microsoft Threat…
…BleepingComputer contacted the Chroma team about the status of CVE-2026-45829 but had not received a response by the time of publication. We will update this article if additional details become…
…Over time, the operation moved heavily toward automation. Later updates introduced “Zero Config” deployment workflows, allowing affiliates to upload static files, automatically generate phishing-ready packages, and deploy infrastructure with minimal manual…
…Because it is a deterministic logic bug that does not depend on a timing window, no race condition is required, the kernel does not panic when the exploit fails, and the success…