CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability

CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability

CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw impacting GitLab to its Known Exploited Vulnerabilities (KEV) catalog, owing to active exploitation in the wild. Tracked as CVE-2023-7028 (CVSS score: 10.0), the maximum severity vulnerability could facilitate account takeover Read more…

Google MultiLogin Exploit

Malware Using Google MultiLogin Exploit to Maintain Access Despite Password Reset

Malware Using Google MultiLogin Exploit to Maintain Access Despite Password Reset Jan 03, 2024NewsroomMalware / Data Theft Information stealing malware are actively taking advantage of an undocumented Google OAuth endpoint named MultiLogin to hijack user sessions and allow continuous access to Google services even after a password reset. According to Read more…