New “DoubleClickjacking” Exploit Bypasses Clickjacking Protections on Major Websites

Threat hunters have disclosed a new “widespread timing-based vulnerability class” that leverages a double-click sequence to facilitate clickjacking attacks and account takeovers in almost all major websites. The technique has been codenamed DoubleClickjacking by security researcher Paulos Yibelo. “Instead of…

MongoBleed flaw actively exploited in attacks in the wild

securityaffairs.co - 29/12/2025 12:56

A recently disclosed MongoDB flaw (MongoBleed) is under active exploitation, with over 87,000 potentially vulnerable instances exposed worldwide. A...

Public PoC prompts Cisco patch for ISE, ISE-PIC vulnerability

securityaffairs.co - 15:04

Cisco addressed a medium-severity vulnerability in ISE and ISE-PIC after a public PoC exploit was disclosed. Cisco addressed a medium-severity...

Critical macOS Flaw Lets Attackers Bypass Apple Privacy Controls Without Consent

itsecuritynews.info - 16:36

A newly disclosed macOS vulnerability bypasses Apple’s TCC privacy controls, allowing silent access to files, microphone data, and user activity....

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

itsecuritynews.info - 06/Jan 05:31

A new critical security vulnerability has been disclosed in n8n, an open-source workflow automation platform, that could enable an authenticated...

WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging

itsecuritynews.info - 17:32

Cybersecurity researchers have disclosed details of a new campaign that uses WhatsApp as a distribution vector for a Windows banking trojan called...

WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging

itsecuritynews.info - 17:32

Cybersecurity researchers have disclosed details of a new campaign that uses WhatsApp as a distribution vector for a Windows banking trojan called...

Net-SNMP Vulnerability Enables Buffer Overflow and the Daemon to Crash

itsecuritynews.info - 25/12/2025 12:02

A new critical vulnerability affecting the Net-SNMP software suite has been disclosed, posing a significant risk to network infrastructure worldwide....

Net-SNMP Vulnerability Enables Buffer Overflow and the Daemon to Crash

itsecuritynews.info - 25/12/2025 12:02

A new critical vulnerability affecting the Net-SNMP software suite has been disclosed, posing a significant risk to network infrastructure worldwide....

Cisco ISE Vulnerability Enables Access to Sensitive Data

itsecuritynews.info - 17:33

Cisco has disclosed a new XML External Entity (XXE) vulnerability in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector...

Cisco ISE Vulnerability Enables Access to Sensitive Data

itsecuritynews.info - 17:33

Cisco has disclosed a new XML External Entity (XXE) vulnerability in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector...

Rubriques :

New “DoubleClickjacking” Exploit Bypasses Clickjacking Protections on Major Websites

Articles similaires

MongoBleed flaw actively exploited in attacks in the wild

Public PoC prompts Cisco patch for ISE, ISE-PIC vulnerability

Critical macOS Flaw Lets Attackers Bypass Apple Privacy Controls Without Consent

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging

WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging

Net-SNMP Vulnerability Enables Buffer Overflow and the Daemon to Crash

Net-SNMP Vulnerability Enables Buffer Overflow and the Daemon to Crash

Cisco ISE Vulnerability Enables Access to Sensitive Data

Cisco ISE Vulnerability Enables Access to Sensitive Data

Les derniers communiqués