Bleeping Computer

New Progress ShareFile flaws can be chained in pre-auth RCE attacks

Two vulnerabilities in Progress ShareFile, an enterprise-grade secure file transfer solution, can be chained to enable unauthenticated file exfiltration from affected environments. Progress ShareFile ...
Bleeping Computer

Hackers exploit critical flaw in Ninja Forms WordPress plugin

A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files without authentication, which can lead to remote code execution. Identified as ...
Hosted on MSN

Researchers discover OpenAI Codex vulnerability involving Unicode characters

A carefully crafted branch name can steal your GitHub authentication token Unicode spaces hide malicious payloads from human eyes in plain sight Attackers can automate token theft across multiple ...
GitHub

Authentication log analyzer and triage tool

This tool is intended for defensive security, incident response, and authorized administrative auditing. Only analyze systems and logs that you own or have explicit permission to assess. authlog ...
GitHub

griffinmartin/opencode-claude-auth

The plugin registers its own auth provider with a custom fetch handler that intercepts all Anthropic API requests. It reads OAuth tokens from the macOS Keychain (or ~/.claude/.credentials.json on ...