CVE-2026-50225

The registration path /v1/account/register provides no bot mitigation mechanisms, allowing malicious automated systems to flood the database...

CVE-2026-50225 Account Creation Exhaustion

The registration path /v1/account/register provides no bot mitigation mechanisms, allowing malicious automated systems to flood the database...

CVE-2026-50225

The registration path /v1/account/register provides no bot mitigation mechanisms, allowing malicious automated systems to flood the database...

EUVD-2025-203484

ALTCHA is privacy-first software for captcha and bot protection. A cryptographic semantic binding flaw in ALTCHA libraries allows challenge payload splicing, which may enable replay attacks. The HMAC signature does not unambiguously bind challenge parameters to the nonce, allowing an attacker to...

ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay

A cryptographic semantic binding flaw in ALTCHA libraries allows challenge payload splicing, which may enable replay attacks. The HMAC signature does not unambiguously bind challenge parameters to the nonce, allowing an attacker to reinterpret a valid proof-of-work submission with a modified...

PT-2025-51359

Name of the Vulnerable Software and Affected Versions ALTCHA versions prior to 1.0.0 Golang package ALTCHA versions prior to 1.0.0 Rubygem package ALTCHA versions prior to 1.0.0 pip package ALTCHA versions prior to 1.0.0 Erlang package ALTCHA versions prior to 1.4.1 altcha-lib npm package ALTCHA...

AI Pulse: AI Bot Mitigation Is Increasing Everywhere

...

Holiday “to-do list” for cybersecurity professionals working in eCommerce

The period from mid-November to the end of the year is always particularly stressful for cybersecurity professionals in the eCommerce space. It seems like every hacker and cyber criminal on earth is trying even harder to steal customers’ data or stop digital business operations. And the reason it...

Yeezy Fans Face Sneaker-Bot Armies for Hot Kicks Releases

Shopping bots are likely to make it tough for everyday sneakerheads to get their hands on a pair of new Adidas Yeezy shoes from Kanye West as more styles become available through retailers in the next few months. Researchers at Cequence Security track bots across the internet, and the company’s...

Cloud WAAPs Are the Future of Application Security. But What Does That Mean?

Millions of Verizon FIOS broadband users vulnerable to hackers controlling and surveilling their home networks. Thousands of GPS watches whose maps were open to attackers tracking and eavesdropping on children and elderly users. A zero-day hole in Microsoft’s Edge and Internet Explorer browsers...