No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out

Researcher reported the vuln in March. Maintainers haven't responded to his messages since ...
The Hacker News

Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code

A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an ...

Root Evidence Research Finds Only 1.4% of Vulnerabilities Are Known to Be Exploited in Real-World Attacks

Root Evidence, the cybersecurity startup championing evidence-based security, today released new research showing that the ...
https//beincrypto.com

Squid Distances Itself From $3.2 Million Hack of Lookalike Third-Party Contract

Attackers exploited a third-party SquidRouterModule to drain $3.2M from 86 Gnosis Safes. Stolen tokens were swapped into 3 million DAI via attacker-controlled Uniswap V3 pools. Squid says the contract ...
Cryptopolitan on MSN

Gnosis Safe users lose $3.2M in Base and Ethereum exploit

$3.2M drained from 86 Gnosis Safes on Base and Ethereum in under 2 hours via a vulnerable third-party SquidRouterModule ...

Squid and Safe Labs say third-party module behind $3.2M exploit

A suspected third-party Safe module exploit has drained about $3.2 million from wallets across Ethereum and Base, with ...
SecurityWeek

Nation-State iOS Exploit Kit ‘Coruna’ Found Powering Global Attacks

Google and iVerify analysis reveals a powerful exploit kit originally used by Russian state actors that is now appearing in broader criminal campaigns. Multiple iOS exploits and five exploit chains ...