X

Vous n'êtes pas connecté

Rubriques :

Maroc Maroc - ITSECURITYNEWS.INFO - A La Une - 02/01/2025 18:32

DoubleClickjacking allows clickjacking on major websites

The “DoubleClickjacking” exploit bypasses protections on major websites, using a double-click sequence for clickjacking and account takeover attacks. DoubleClickjacking is a technique that allows attackers to bypass protections on major websites by leveraging a double-click sequence. Attackers can exploit the technique to…

Articles similaires

Sorry! Image not available at this time

Critical Authentication Bypass in better-auth API Keys Plugin Allows Unauthenticated Account Takeover

itsecuritynews.info - 19/Feb 11:09

A critical authentication bypass vulnerability in the better-auth API keys plugin allows unauthenticated attackers to mint privileged API keys for...

Sorry! Image not available at this time

Critical Authentication Bypass in better-auth API Keys Plugin Allows Unauthenticated Account Takeover

itsecuritynews.info - 19/Feb 11:09

A critical authentication bypass vulnerability in the better-auth API keys plugin allows unauthenticated attackers to mint privileged API keys for...

Sorry! Image not available at this time

Hackers Exploit Free Firebase Accounts to Launch Phishing Campaigns

itsecuritynews.info - 07/Feb 07:04

A new wave of phishing campaigns where scammers are abusing Google’s legitimate infrastructure to bypass security filters. Attackers are now...

Sorry! Image not available at this time

Hackers Abuse Apple & PayPal Invoice Emails in DKIM Replay Attack Campaign

itsecuritynews.info - 09/Feb 13:41

A sophisticated way to bypass email security by weaponizing legitimate messages from trusted companies like Apple and PayPal. These attacks, known as...

Sorry! Image not available at this time

Critical UUID Flaw in Fiber v2 on Go 1.24+ Enables Session Hijacking, CSRF Bypass, and Zero-ID DoS Risk

itsecuritynews.info - 11/Feb 17:18

A severe vulnerability has been discovered in Fiber v2, a popular Go web framework, that could allow attackers to hijack user sessions, bypass...

Sorry! Image not available at this time

Critical infra Honeywell CCTVs vulnerable to auth bypass flaw

bleepingcomputer.com - 18/Feb 20:58

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a critical vulnerability in multiple Honeywell CCTV products that...

Sorry! Image not available at this time

Critical infra Honeywell CCTVs vulnerable to auth bypass flaw

bleepingcomputer.com - 18/Feb 20:58

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a critical vulnerability in multiple Honeywell CCTV products that...

Sorry! Image not available at this time

CISA alerts to critical auth bypass CVE-2026-1670 in Honeywell CCTVs

securityaffairs.co - 19/Feb 11:54

CISA warns Honeywell CCTVs are affected by a critical auth bypass flaw (CVE-2026-1670) allowing unauthorized access or account hijacking. The U.S....

Sorry! Image not available at this time

Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass

securityaffairs.co - 12/Feb 06:13

Ivanti patched over a dozen Endpoint Manager flaws, including a high-severity auth bypass that let attackers steal credentials remotely. Ivanti...

Sorry! Image not available at this time

Critical SandboxJS Vulnerability Allows Remote Host Takeover – PoC Released

itsecuritynews.info - 11/Feb 17:18

A severe sandbox escape vulnerability has been discovered in the JavaScript library, enabling attackers to execute arbitrary code on host systems. The...