55 matches found
Malicious code in @ibrahim1337/baksen (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea195bd44e54cd1051fc279a0e871b02c15eea04f65c80979d756fa767f541b4 Package @ibrahim1337/baksen ships a Windows x64 infostealer toolkit that targets Chromium-family browsers Chrome, Brave, Edge, Opera, Opera GX on the...
MAL-2026-6575 Malicious code in @ibrahim1337/baksen (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea195bd44e54cd1051fc279a0e871b02c15eea04f65c80979d756fa767f541b4 Package @ibrahim1337/baksen ships a Windows x64 infostealer toolkit that targets Chromium-family browsers Chrome, Brave, Edge, Opera, Opera GX on the...
Microsoft is changing Edge’s plaintext password behavior
Microsoft said it will change Edge’s password handling as a “defense‑in‑depth” measure. Originally, Edge decrypted the entire saved‑password store on startup and kept all credentials resident in process memory in clear text for the whole browser session, regardless of whether a given credential w...
Researcher Shows Edge Browser Stores Saved Passwords in Plaintext
Cybersecurity expert Tom Rønning finds Microsoft Edge loads all saved passwords into computer memory as cleartext, making them easy for hackers to steal...
CVE-2026-32634
Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.2, in Central Browser mode, Glances stores both the Zeroconf-advertised server name and the discovered IP address for dynamic servers, but later builds connection URIs from the untrusted advertised name instead ...
UBUNTU-CVE-2026-32634
Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.2, in Central Browser mode, Glances stores both the Zeroconf-advertised server name and the discovered IP address for dynamic servers, but later builds connection URIs from the untrusted advertised name instead ...
CVE-2026-32634 Glances Central Browser Autodiscovery Leaks Reusable Credentials to Zeroconf-Spoofed Servers
Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.2, in Central Browser mode, Glances stores both the Zeroconf-advertised server name and the discovered IP address for dynamic servers, but later builds connection URIs from the untrusted advertised name instead ...
New MacSync Stealer Disguised as Trusted Mac App Hunts Saved Passwords
Jamf security experts have found a new version of MacSync Stealer. Disguised as a zk-call app, it uses official notarization to bypass security and steal your saved passwords...
EUVD-2020-7658
Malware in sbrugna...
EUVD-2018-7334
Malware in sbrugna...
EUVD-2024-40948
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-11703
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox 13...
CVE-2025-24245
This issue was addressed by adding a delay between verification code attempts. This issue is fixed in macOS Sequoia 15.4. A malicious app may be able to access a user's saved passwords...
CVE-2024-44204
A logic issue was addressed with improved validation. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. A user's saved passwords may be read aloud by VoiceOver...
SUSE CVE-2024-11703
On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox 133...
CVE-2024-11703
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication...
CVE-2024-11703
On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox 133...
CVE-2024-11703
CVE-2024-11703 affects Firefox on Android, where a vulnerability could allow viewing saved passwords without the required device PIN authentication in Firefox versions older than 133. The CVE entry notes the impact is high for confidentiality and integrity, with exploitation described as requirin...
CVE-2024-11703
On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox 133...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security bypass vulnerability exists in Mozilla Firefox, which can be exploited by an attacker to view saved passwords without performing the required device PIN authentication...