Web Security

Looker Studio

New “LeakyLooker” Vulnerabilities in Google Looker Studio May Allow Cross Tenant SQL Queries

Cybersecurity researchers have uncovered a group of security vulnerabilities in Google Looker Studio that could have enabled attackers to run unauthorized SQL queries against victims’ databases and extract sensitive information across different organizations. The flaws, collectively named LeakyLooker, were identified by researchers from Tenable. The vulnerabilities could have exposed data across multiple environments within Google Cloud infrastructures. Google has confirmed that […]

New “LeakyLooker” Vulnerabilities in Google Looker Studio May Allow Cross Tenant SQL Queries Read More »

Salesforce Experience

Threat Actors Conduct Mass Scanning of Salesforce Experience Cloud Using Modified AuraInspector Tool

Cybersecurity teams at Salesforce have reported a surge in malicious activity targeting publicly accessible Experience Cloud environments. According to the company, attackers are conducting large scale scans of these sites using a modified version of an open source security tool known as AuraInspector. The campaign primarily focuses on identifying misconfigured guest user permissions, which can expose sensitive data stored within Salesforce

Threat Actors Conduct Mass Scanning of Salesforce Experience Cloud Using Modified AuraInspector Tool Read More »

Malicious npm Package Disguised as OpenClaw Installer Installs RAT and Steals macOS Credentials

Cybersecurity researchers have identified a malicious npm package that pretends to be an installer for OpenClaw but actually deploys a remote access trojan and steals sensitive information from macOS systems. The package, called @openclaw-ai/openclawai, was uploaded to the npm registry on March 3, 2026 by a user named “openclaw-ai”. Security researchers observed that the package had

Malicious npm Package Disguised as OpenClaw Installer Installs RAT and Steals macOS Credentials Read More »

Malicious Laravel Packages on Packagist Deliver RAT Across Windows, macOS, and Linux

Cybersecurity researchers have uncovered malicious PHP packages on Packagist that impersonate legitimate Laravel utilities while secretly deploying a cross platform remote access trojan capable of running on Windows, macOS, and Linux systems. The packages, published under the vendor namespace nhattuanbl, include: According to findings from Socket, the lara-swagger package does not directly contain malicious code. Instead,

Malicious Laravel Packages on Packagist Deliver RAT Across Windows, macOS, and Linux Read More »

Google Introduces Merkle Tree Certificates to Support Quantum Resistant HTTPS in Chrome

Google has unveiled a new initiative within its Chrome browser aimed at strengthening HTTPS security against the long term threat of quantum computing. The move represents a significant step toward building a quantum-resistant internet without sacrificing speed or scalability. In a statement from the Chrome Secure Web and Networking Team, Google clarified that it does

Google Introduces Merkle Tree Certificates to Support Quantum Resistant HTTPS in Chrome Read More »

Over 900 Sangoma FreePBX Instances Compromised in Active Web Shell Attacks

More than 900 internet facing FreePBX systems from Sangoma Technologies remain compromised with web shells following exploitation of a serious command injection vulnerability, according to findings released by Shadowserver Foundation. The large scale compromise began in December 2025 and continues to impact organizations worldwide. Of the affected instances, 401 are located in the United States, 51 in Brazil,

Over 900 Sangoma FreePBX Instances Compromised in Active Web Shell Attacks Read More »

CISA Warns Recently Patched RoundCube Vulnerabilities Are Now Being Exploited

The U.S. Cybersecurity and Infrastructure Security Agency, Cybersecurity and Infrastructure Security Agency, has issued an urgent alert regarding two recently patched vulnerabilities affecting Roundcube Webmail. The agency confirmed that both flaws are now being actively exploited in real world attacks and has directed federal agencies to apply patches within three weeks. Roundcube has served as the default

CISA Warns Recently Patched RoundCube Vulnerabilities Are Now Being Exploited Read More »

CISA Adds Two Actively Exploited Roundcube Vulnerabilities to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added two high-risk vulnerabilities affecting Roundcube webmail software to its Known Exploited Vulnerabilities (KEV) catalog. The move comes after reports of active exploitation, underscoring the urgency for organizations to patch affected systems promptly. Details of the Vulnerabilities The newly listed vulnerabilities include: Dubai-based cybersecurity company FearsOff,

CISA Adds Two Actively Exploited Roundcube Vulnerabilities to KEV Catalog Read More »

ClickFix Campaign Exploits Compromised Websites to Deploy MIMICRAT Malware

Cybersecurity researchers have uncovered a sophisticated ClickFix campaign that leverages compromised legitimate websites to distribute a newly identified remote access trojan named MIMICRAT, also referred to as AstarionRAT. According to Elastic Security Labs, the operation demonstrates significant technical maturity. Attackers are using breached websites across various industries and regions as delivery infrastructure, deploying a multi stage

ClickFix Campaign Exploits Compromised Websites to Deploy MIMICRAT Malware Read More »

WordPress Plugin with 900K Installations Exposed to Critical RCE Vulnerability

A critical security vulnerability has been discovered in the WPvivid Backup and Migration plugin for WordPress, a widely used tool installed on more than 900,000 websites. The flaw could allow unauthenticated attackers to execute arbitrary code on vulnerable sites, potentially leading to full website compromise. The vulnerability is tracked as CVE-2026-1357 and carries a CVSS

WordPress Plugin with 900K Installations Exposed to Critical RCE Vulnerability Read More »