New "Storm" infostealer skips local decryption, sending browser data to attacker servers. Varonis shows how server-side decryption enables session hijacking, bypassing passwords and MFA.
The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results