Tag: vulnerability-disclosure

Active Android Exploit, Government-Targeted Campaigns, and OAuth Abuse Highlight March Threat Landscape

Google disclosed active exploitation of a Qualcomm Android vulnerability while Microsoft warned of OAuth redirect campaigns targeting government entities. Meanwhile, SloppyLemming APT actors launched dual malware chains against Pakistan and Bangladesh governments.

Mar 3, 2026The Hacker News, Ars Technica Security, SANS ISC, MSRC Security Updates

androidoauthgovernment-targeting

🇺🇸Google🇺🇸Oracle Data Cloud🇺🇸Apple

highVulnerabilities & Exploits

Weekly Vulnerability Roundup: OpenClaw AI Agent Hijacking, Vim Command Injection, and Vitess Path Traversal

Security researchers disclosed a high-severity vulnerability in OpenClaw that allows malicious websites to hijack local AI agents via WebSocket connections. Microsoft's security update guide also published three new CVEs affecting Vim and Vitess.

Mar 1, 2026The Hacker News, MSRC Security Updates

vulnerability-disclosureai-securitycommand-injection

mediumIndustry & Policy

Security Researcher Faces Legal Threats After Vulnerability Disclosure

Security researcher documents legal intimidation following vulnerability disclosure, highlighting ongoing challenges in coordinated disclosure practices and researcher protection.

Feb 21, 2026Hacker News (filtered)

vulnerability-disclosurelegal-threatsresponsible-disclosure

highVulnerabilities & Exploits

Vulnerability Intelligence: AI Exploit Acceleration, Android Banking Trojans, and Mass CVE Disclosures

AI tools collapse exploitation windows, new Android banking trojans target IPTV users, Iran protest surveillance campaigns emerge, while Microsoft publishes 100+ CVE disclosures spanning Chrome,...

Feb 19, 2026The Hacker News, Qualys, SANS ISC, MSRC Security Updates

vulnerability-disclosureandroid-malwareai-exploitation