Mur d'images - Cyberveille

curated by Decio

50,000+ Azure AD Users Exposed via Unsecured API: BeVigil Uncovers Critical Flaw | CloudSEK

Thousands of websites hit by four backdoors in 3rd party JavaScript attack

Government and university websites targeted in ScriptAPI[.]dev client-side attack - c/side

European Space Agency's official store hacked to steal payment cards

The Art of Concealment: A New Magecart Campaign That’s Abusing 404 Pages | Akamai

PindOS: New JavaScript Dropper Delivering Bumblebee and IcedID

Exploit available for critical bug in VM2 JavaScript sandbox library

Exploitation is a Dish Best Served Cold: Winter Vivern Uses Known Zimbra Vulnerability to Target Webmail Portals of NATO-Aligned Governments in Europe

Reversing Emotet Dropping Javascript

Crime group hijacks hundreds of US news websites to push malware

Exploited Windows zero-day lets JavaScript files bypass security warnings