This Week in Web Security: Exploits, AI Risks, and Unpatched Legacy Bugs
Attackers are using the same automated tools as defenders—but with malicious intent. Meanwhile, old vulnerabilities remain unpatched, creating persistent risks.
Read moreSecurity insights, vulnerability roundups, and updates from the Agent Breach team.
One digest email when we publish new security articles (TL;DR plus links to read more). Unsubscribe anytime from the message footer. See our Privacy Policy.
Attackers are using the same automated tools as defenders—but with malicious intent. Meanwhile, old vulnerabilities remain unpatched, creating persistent risks.
Read moreUbuntu 24.04 LTS systems using PipeWire are vulnerable to denial-of-service attacks due to unbounded input handling flaws. Patches are available immediately.
Read moreGoogle and Microsoft removed ModHeader from their stores after researchers discovered a dormant browsing history collector. Although inactive, the finding raises serious privacy concerns for over 1.6 million users.
Read moreA new macOS malware named CrashStealer uses a notarized dropper to bypass Apple's Gatekeeper security. It steals sensitive data after validating the user's login password.
Read moreAttackers linked to ShinyHunters bypassed traditional exploits by leveraging pre-existing OAuth trust relationships. They accessed corporate Salesforce data without triggering platform vulnerabilities.
Read moreAttackers use voice-based social engineering to trick users into enrolling fake passkeys. This grants unauthorized access to Microsoft 365 accounts for data extortion.
Read moreResearch on 281 popular free Android VPNs reveals widespread privacy failures. Many apps leak traffic or transmit data unencrypted.
Read moreA misconfigured server exposed a cybercriminal operation targeting over 1.4 million WordPress sites. Researchers gained rare insight into the tools and methods used for large-scale website compromises.
Read moreLumen Technologies scaled its asset inventory from 17,000 to over 1.1 million items, revealing critical gaps in enterprise visibility. Accurate asset management is foundational for effective cybersecurity programs.
Read moreTwo critical Joomla extensions, iCagenda and Balbooa Forms, are under active exploitation as zero-days. CISA has added these vulnerabilities to its Known Exploited Vulnerabilities catalog.
Read more