A practitioner's breakdown of the CSRF attack: how the forged request works, two documented exploits, a manual test, and the ...
Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.