heise online EnglishZero-day allows code execution in WindChill and FlexPLM
The manufacturer warns and urges admins to urgently secure their instances with a workaround. A patch is still pending.
Miss Kitty 🌈🌈🌈An #election #exploit like a cowgirl roping a fucking bull taking down an #election by winning two states and making #healthcare and the end of #homelessness happen. That's pretty fucking #gangster, call it #outlaw, give it a fucking name. I might just show you how to play the game. Booyah!
HackerWorkspaceVoidStealer malware steals Chrome master key via debugger trick
Short summary: https://hackerworkspace.com/article/voidstealer-malware-steals-chrome-master-key-via-debugger-trick
Auric Crypto NewsUSR just collapsed! 🚨
The stablecoin fell to $0.25 after an $80M unbacked mint exploit. Here’s what we know so far: https://auriccrypto.com/stable/stablecoin-shock-resolvs-usr-loses-peg-after-80m-mint/
heise SecurityZero-Day erlaubt Codeausführung in WindChill und FlexPLM
Der Hersteller warnt und bittet Admins, dringend ihre Instanzen mit einer Notlösung abzusichern. Ein Patch steht noch aus.
LLVM Adventures: Fuzzing Apache Modules
https://pwner.gg/blog/2026-03-20-apatchy
Short summary: https://hackerworkspace.com/article/llvm-adventures-fuzzing-apache-modules
Jenny 
Cuidado con los teléfonos #Qualcomm antiguos, están sufriendo una vulnerabilidad, otra razón para empezar a usar custom ROM's, obvio si tienen la posibilidad y el conocimiento para hacerlo, así para estar al dia con las actualizaciones de seguridad que son muy importantes
Eso o ir ahorrando para otro teléfono mas actual...
https://thehackernews.com/2026/03/google-confirms-cve-2026-21385-in.html
wpForo Forum <= 2.4.14 - SQL Injection (CVE-2026-1581)
https://pentest-tools.com/vulnerabilities-exploits/wpforo-forum-2414-sql-injection_29049
Short summary: https://hackerworkspace.com/article/wpforo-forum-2-4-14-sql-injection-cve-2026-1581
Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager
https://thehackernews.com/2026/03/oracle-patches-critical-cve-2026-21992.html
Short summary: https://hackerworkspace.com/article/oracle-patches-critical-cve-2026-21992-enabling-unauthenticated-rce-in-identity-manager
RAXE-2026-040: Claude Code Workspace Trust Dialog Bypass via Repository Settings (CVE-2026-33068) | RAXE Labs
RAXE-2026-040: Claude Code Workspace Trust Dialog Bypass via Repository Settings (CVE-2026-33068) | RAXE Labs
A high-severity configuration loading order defect (`CVE-2026-33068`, CVSS v4.0 7.7 HIGH) in Anthropic's Claude Code CLI tool allows a malicious repository to bypass the workspace trust confirmation dialog.