Worksnaps Net Worksnaps
Monthly
Credential exposure in Worksnaps client application before version 1.6.20260201 allows attackers who obtain the binaries to extract hardcoded AWS root credentials and S3 bucket identifiers, granting access to production cloud resources containing sensitive user desktop screenshots. The flaw was disclosed by SEC-VLab (SEC Consult) and a vendor-patched build is available; no public exploit identified at time of analysis, though credential extraction from distributed binaries is trivial once the artifact is obtained.
Credential exposure in Worksnaps client application before version 1.6.20260201 allows attackers who obtain the binaries to extract hardcoded AWS root credentials and S3 bucket identifiers, granting access to production cloud resources containing sensitive user desktop screenshots. The flaw was disclosed by SEC-VLab (SEC Consult) and a vendor-patched build is available; no public exploit identified at time of analysis, though credential extraction from distributed binaries is trivial once the artifact is obtained.