top of page
ALL POSTS
AutoJack Attack: Web Page Hijacking Enables AI Agent Host Code Execution
Key Findings Microsoft researchers discovered AutoJack, an exploit chain in AutoGen Studio that allows a single web page to execute arbitrary code on a developer's machine The vulnerability exists in the Model Context Protocol (MCP) WebSocket handler and requires no authentication, credentials, or user interaction beyond the agent loading a malicious URL Vulnerable pre-release builds 0.4.3.dev1 and 0.4.3.dev2 were shipped to PyPI, though the stable release 0.4.2.2 is unaffect
Jun 203 min read
Critical cPanel and WHM Security Update: Three New Vulnerabilities Patched to Prevent File Read, Code Execution, and Privilege Escalation
Key Findings cPanel and WHM released patches for three vulnerabilities affecting multiple versions CVE-2026-29201 allows arbitrary file read through insufficient input validation CVE-2026-29202 enables arbitrary Perl code execution for authenticated users CVE-2026-29203 exploits unsafe symlink handling for denial-of-service and potential privilege escalation No evidence of active exploitation yet, but disclosure follows recent zero-day attacks using Mirai and Sorry ransomware
May 102 min read
Adobe Releases Critical Security Patch for Actively Exploited Acrobat Reader Vulnerability CVE-2026-34621
Key Findings Adobe released emergency patches for CVE-2026-34621, a critical vulnerability in Acrobat Reader actively exploited in the wild The flaw has a CVSS score of 8.6 and allows arbitrary code execution through prototype pollution in JavaScript Evidence suggests exploitation has been occurring since at least December 2025 Security researcher Haifei Li discovered the vulnerability being used to deliver malicious JavaScript via crafted PDFs Affected versions include Acrob
Apr 122 min read
Unpatched GitLab Zero-Day Exploited Across 1,000+ Instances Amid Active Attacks
Key Findings: A high-severity unpatched security vulnerability in Gogs (CVE-2025-8110) with a CVSS score of 8.7 is under active exploitation, affecting over 700 compromised instances accessible online. The vulnerability allows for file overwrite in the file update API, enabling an attacker to achieve arbitrary code execution through a four-step process. The malware deployed in the attacks is a payload based on Supershell, an open-source command-and-control (C2) framework ofte
Dec 11, 20252 min read
bottom of page
