Hackers Trick DigiCert Into Issuing Certificates Used to Sign Malware

DigiCert revokes 60 code signing certificates after hackers used a malicious support chat attachment to sign the Zhong Stealer malware...

CVE-2024-2045 Session 1.17.5 - LFR via chat attachment

Session version 1.17.5 allows obtaining internal application files and public files from the user's device without the user's consent. This is possible because the application is vulnerable to Local File Read via chat attachments...