Toxic Combinations: When Cross-App Permissions Stack into Risk

On January 31, 2026, researchers disclosed that Moltbook, a social network built for AI agents, had left its database wide open, exposing 35,000 email addresses and 1.5 million agent API tokens across 770,000 active agents. The more worrying part sat inside the private messages. Some of those...

Bringing Security Visibility to Vercel with Wiz

Giving developers and security teams a shared view of application risk as it evolves...

CVE-2026-27970 Angular i18n vulnerable to Cross-Site Scripting (XSS)

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Versions prior to 21.2.0, 21.1.16, 20.3.17, and 19.2.19 have a cross-Site scripting vulnerability in the Angular internationalization i18n pipeline. In ICU messages...

PT-2026-5831

Fishing Reservation System 7.5 contains multiple remote SQL injection vulnerabilities in admin.php, cart.php, and calendar.php that allow attackers to inject malicious SQL commands. Attackers can exploit vulnerable parameters like uid, pid, type, m, y, and code to compromise the database manageme...

CVE-2025-59870 Improper management of a static JWT signing secret in the web application, where the secret lacks rotation , introducing a security risk

HCL MyXalytics v6.7 is affected by improper management of a static JWT signing secret in the web application, where the secret lacks rotation , introducing a security risk...

CVE-2024-58321 Kentico Xperience <= 13.0.159 Form Validation Stored XSS

A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious scripts via form validation rule configuration. Attackers can exploit this vulnerability to execute malicious scripts that will run in users' browsers...

EUVD-2019-0327

Malware in sbrugna...

EUVD-2017-11867

Malware in sbrugna...

EUVD-2014-6683

Malware in sbrugna...

EUVD-2012-0219

Malware in sbrugna...

EUVD-2014-5494

Malware in sbrugna...

EUVD-2021-17648

Malware in sbrugna...

EUVD-2004-0063

Malware in sbrugna...

EUVD-2022-4052

Malicious code in bioql PyPI...

EUVD-2025-22403

Malicious code in bioql PyPI...

EUVD-2024-44034

Malicious code in bioql PyPI...

EUVD-2024-3596

Malicious code in bioql PyPI...

EUVD-2025-19847

Malicious code in bioql PyPI...

EUVD-2024-33532

Malicious code in bioql PyPI...

Hospital Management System about-us.php File SQL Injection Vulnerability

Hospital Management System is a PHP and MySQL based hospital management system. Hospital Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally-entered SQL statements in the pagetitle parameter of about-us.php. An attacker can exploit thi...