Critical RabbitMQ bug exposes OAuth secrets to unauthenticated attackers

A high-severity flaw in RabbitMQ lets attackers steal OAuth secrets from the management interface without authentication.

The Latest

Breaking News and Alerts

Microsoft patches record 622 flaws including two zero-days under attack

July 2026 Patch Tuesday sets a new record with 622 fixes, including two privilege escalation zero-days in SharePoint Server and AD FS exploited in active attacks.

Spotlight

Cybersecurity Profiles and Stories

AsyncAPI npm packages with millions of weekly downloads compromised via GitHub actions

Five AsyncAPI npm packages with 2.9 million weekly downloads were trojanized after a GitHub Actions token theft.

Hackers spoofed 3.7 million OAuth client ids to enumerate entra ID users

Attackers used 3.7 million spoofed OAuth client IDs to enumerate Entra ID user accounts and map application ecosystems.

LabubaRAT masquerades as NVIDIA software to control Windows hosts

A new Rust-based RAT called LabubaRAT disguises itself as NVIDIA software and supports multi-channel C2 communications.

German textile firm files for insolvency after cyberattack shut production for six weeks

German manufacturer ZEGO-TVZ filed for insolvency after a March cyberattack halted production for nearly six weeks.

Features

Research and Thought Leadership