Had the opportunity to do some cool research on React today, published on our blog at OX Security, it's funny how these fixes sometimes look so unhinged 😅 Isn't there a better way to stop a loop? Read the full article ox.security/blog/react-cve… #reactjs #cve #vulnerability

The whole MongoDB exploit is getting out of hand, you can see our blogpost inside this overview alongside many other great articles about it!

ChatGPT Chats Stolen By Two Malicious Chrome Extensions The OX Research team found two malicious Chrome extensions, with a total of 900,000 users - exfiltrating chats directly from the ChatGPT and DeepSeek websites. Full analysis here: lnkd.in/dmDszbFu #malware #chatgpt

🚨We detected two malicious Chrome extensions stealing ChatGPT and DeepSeek conversations🚨 Read our blog for all the details: ox.security/blog/malicious… #malware #chrome #extensions #security

Waiting for a response after reporting a potential CVSS 10.0 vulnerability is nerve wrecking...

After a dedicated effort, both malicious Chrome extensions that we reported last week for stealing AI conversations 𝗵𝗮𝘃𝗲 𝗯𝗲𝗲𝗻 𝗿𝗲𝗺𝗼𝘃𝗲𝗱 𝗳𝗿𝗼𝗺 𝘁𝗵𝗲 𝗖𝗵𝗿𝗼𝗺𝗲 𝗪𝗲𝗯 𝗦𝘁𝗼𝗿𝗲. Combined, these extensions impacted nearly 1 million users ox.security/blog/malicious…

Attackers are upgrading. Again. 😅 We’ll look at the techniques gaining traction and some seriously cool findings from our research team. Most importantly, we're covering what you actually need to do about it all to keep secure. ox.security/webinar/threat…

A non-important XSS or a critical vulnerability affecting millions? We reported an XSS in Microsoft's VS Code Extension - Live Preview, one-click exfiltrating sensitive user information. They closed it as a non-issue -> then fixed with no credit. WDYT? ox.security/blog/xssinlive…