Abusing Modern Browser Features for Phishing – Certitude Blog

Research Radar #2: 2026-03-22 | RAXE Labs

RAXE Research Radar Issue #2: 7 papers reviewed. The agent skill supply chain is broken — and automated scanners cannot tell you how.

Ubuntu 26.04 Ends 46 Years of Silent sudo Passwords

Ubuntu 26.04 Ends 46 Years of Silent sudo Passwords. Starting with the upcoming LTS release, every keystroke at a sudo password prompt will echo an asterisk — a small UX fix that has ignited one of Linux's fiercest debates in years.

OpenSIPS SQL Injection to Authentication Bypass (CVE-2026-25554)

The AISLE analyzer discovered a high-severity vulnerability that enables SQL injection in OpenSIPS, a pillar of global communications used by over ...

Hardening Firefox with Anthropic’s Red Team  | The Mozilla Blog

For more than two decades, Firefox has been one of the most scrutinized and security-hardened codebases on the web. Open source means our code is visible,

Clawned — Free OpenClaw Security Scanner | Detect Malware in ClawHub Skills

Free scanner for OpenClaw skills and ClawHub packages. 230+ malicious skills blocked, 14,000+ machines protected. Scans entire skill source code for reverse shells, credential theft, prompt injection, and 60+ threat patterns before it executes.

The Arts Council of Pakistan has a database of 20k+ attendees and full write access completely exposed. Right now.

And as I click publish on this post, the database is still, publicly exposed and has not been patched.