2 matches found
CVE-2026-13602
The CVE-2026-13602 issue describes a session‑takeover chain affecting multiple payment integration plugins (Stripe, pretix-mollie, pretix-oppwa, pretix-bitpay, pretix-payone, pretix-secuconnect, pretix-sofort, pretix-saferpay) and core features. A code path transports session parameters via URL b...
How to investigate service provider trust chains in the cloud
In a recent Microsoft blog post, we documented technical guidance for organizations to protect themselves from the latest NOBELIUM activity that was found to target technology service providers, which are privileged in their downstream customer tenants, as a method to gain access to their...