246 matches found
Researchers Say Fiverr Left User Files Open to Google Search
Private Fiverr user documents, including tax records and IDs, were reportedly found in Google search results due to a storage configuration issue. Read more about the findings and the company’s response to the data exposure...
Server-side Request Forgery (SSRF)
Overview google-search-mcp is a Google Search MCP Server for Claude Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the extractContent function. An attacker can access internal resources or perform unauthorized requests by supplying crafted URLs to the...
A week in security (March 9 – March 15)
Last week on Malwarebytes Labs: Watch out for fake Malwarebytes renewal notices in your calendar Google patches two Chrome zero-days under active attack. Update now Attackers impersonate Temu in ClickFix $Temu airdrop scam Apple patches Coruna exploit kit flaws for older iOS versions This Android...
How to see your Google Search history (and delete it)
Your Google Search history provides one of the most detailed windows into your private life, and I know this because when I looked at my own search history last year, I was overwhelmed by the information buried within. Across just 18 months, Google tracked the 8,079 searches I made and the 3,050...
MAL-2026-874 Malicious code in google-search-result (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7ada4db6050e81933dbf7a82d659e0793c79b0b8f771b3175b5ef4668563238a Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...
One privacy change I made for 2026 (Lock and Code S07E02)
This week on the Lock and Code podcast … When you hear the words "data privacy," what do you first imagine? Maybe you picture going into your social media apps and setting your profile and posts to private. Maybe you think about who you've shared your location with and deciding to revoke some of...
CVE-2025-23698
Cross-Site Request Forgery CSRF vulnerability in ivanra10 WP Custom Google Search wp-custom-google-search allows Stored XSS.This issue affects WP Custom Google Search: from n/a through = 1.0...
Google ads funnel Mac users to poisoned AI chats that spread the AMOS infostealer
Researchers have found evidence that AI conversations were inserted in Google search results to mislead macOS users into installing the Atomic macOS Stealer AMOS. Both Grok and ChatGPT were found to have been abused in these attacks. Forensic investigation of an AMOS alert showed the infection...
EUVD-2005-3751
Malware in sbrugna...
EUVD-2005-3750
Malware in sbrugna...
EUVD-2020-29765
Malware in sbrugna...
EUVD-2011-1347
Malware in sbrugna...
EUVD-2006-6206
Malware in sbrugna...
EUVD-2014-0400
Malware in sbrugna...
EUVD-2021-2269
Malware in sbrugna...
EUVD-2021-31816
Malicious code in bioql PyPI...
EUVD-2025-3354
Malicious code in bioql PyPI...
EUVD-2022-5987
Malicious code in bioql PyPI...
pagodo
This is an offensive tool for web application discovery. The primary CVE ID is not present in the provided context. The target product/service or framework is Google Search, and the vulnerability class/vector is not explicitly stated. The probable entry points are scripts/modules such as...
CVE-2025-58832
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webvitaly Search by Google search-google allows Stored XSS.This issue affects Search by Google: from n/a through = 1.9...