Secrets Management Archives • Daily CyberSecurity

Critical 9.6 CVSS OIDC Flaws in OpenBao Turn “Direct Login” Into a Phishing Trap OpenBao Vulnerability OIDC Session Hijacking

Critical 9.6 CVSS OIDC Flaws in OpenBao Turn “Direct Login” Into a Phishing Trap

Do Son March 30, 2026

The OpenBao community, the open-source initiative dedicated to managing and distributing sensitive data like secrets and certificates,...

Critical VSCode Supply Chain Flaw: 550+ Secrets Leaked Via Extensions, Exposing 100K+ Users to Malware VSCode PAT Leak, Supply Chain Secrets

Critical VSCode Supply Chain Flaw: 550+ Secrets Leaked Via Extensions, Exposing 100K+ Users to Malware

Do Son October 16, 2025

Cybersecurity researchers at Wiz Research have uncovered what they describe as a “pattern of secret leakage” affecting...

CVE-2025-6203: DoS Flaw in HashiCorp Vault Allows Attackers to Crash Servers HashiCorp Vault, vulnerability CVE-2024-7594 - Vault Community Edition

HashiCorp Vault, vulnerability CVE-2024-7594 - Vault Community Edition

CVE-2025-6203: DoS Flaw in HashiCorp Vault Allows Attackers to Crash Servers

Do Son September 2, 2025

HashiCorp has issued a security advisory for a newly disclosed vulnerability in Vault, its widely used secrets...

Critical HashiCorp Vault Flaw (CVE-2025-6000) Allows Code Execution for Privileged Users CVE-2025-6000 CVE-2024-2048 HashiCorp Vault, RCE Vulnerability

CVE-2025-6000 CVE-2024-2048 HashiCorp Vault, RCE Vulnerability

Critical HashiCorp Vault Flaw (CVE-2025-6000) Allows Code Execution for Privileged Users

Do Son August 4, 2025

In a recently disclosed advisory, HashiCorp has patched a critical vulnerability—CVE-2025-6000—in Vault, its industry-standard secrets management solution....

Critical Alert 1 Active Exploit Detected Today

Critical 9.6 CVSS OIDC Flaws in OpenBao Turn “Direct Login” Into a Phishing Trap

Critical VSCode Supply Chain Flaw: 550+ Secrets Leaked Via Extensions, Exposing 100K+ Users to Malware

CVE-2025-6203: DoS Flaw in HashiCorp Vault Allows Attackers to Crash Servers

Critical HashiCorp Vault Flaw (CVE-2025-6000) Allows Code Execution for Privileged Users