Lucene search
K

4 matches found

Malwarebytes
Malwarebytes
added 2026/04/28 10:46 a.m.17 views

Fake CAPTCHA scam turns a quick click into a costly phone bill

Researchers have documented a long‑running campaign that uses fake CAPTCHA pages to trick mobile users into sending dozens of international SMS messages in the background. If you’ve spent any time on today’s web, CAPTCHAs may seem like background noise: click a few traffic lights, prove you’re...

5.5AI score
Exploits0
The Hacker News
The Hacker News
added 2026/02/28 9:56 a.m.16 views

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini endpoints and access private data. The findings come from Truffle Security, which discovered nearly 3,000 Google API keys...

6.1AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2026/01/27 5:31 p.m.9 views

Threat Actors Using AWS WorkMail in Phishing Campaigns

Introduction At Rapid7, we track a wide range of threats targeting cloud environments, where a frequent objective is hijacking victim infrastructure to host phishing or spam campaigns. Beyond the obvious security risks, this approach allows threat actors to offload their operational costs onto th...

6AI score
Exploits0
Huntr
Huntr
added 2021/05/22 7:39 a.m.2 views

Improper Access Control in xamarin/googleplayservicescomponents

✍️ Description Google Maps API key without proper referer restrictions is found in your repo. It can be embeded to anyone's website and if the billing account is active, it will incur charges on your account. 🕵️‍♂️ Proof of Concept Visit the following links to verify that you can use the service by...

0.8AI score
Exploits0References1
Rows per page
Query Builder