Find notable cyber news and cases, enriched with sources, timelines, and signals.

Writer critical session isolation security flaw

Vulnerability
First reported
Last updated
Happening score
H score 33
1 unique sources, 1 articles

Summary

Hide ▲

Writer disclosed a now-patched critical session isolation vulnerability that could enable cross-tenant compromise and account takeover in its enterprise AI platform. The one-click WriteOut flaw abused live preview behavior to forward a victim's session cookie into an attacker-controlled sandbox. Writer said it fixed the issue and moved previews to an isolated origin.

Timeline

  1. 07.07.2026 16:27 2 articles · 2d ago

    WriteOut flaw lets shared Writer preview links leak session cookies

    Initial Disclosure

    Sand Security disclosed WriteOut, a critical session isolation vulnerability in Writer that could let a signed-in user who opened a shared live preview link have a session cookie forwarded into an attacker-controlled sandbox and enable cross-tenant account takeover, including access to private chats, documents, agents, configurations, private models, connectors, and LLM credentials; Writer said it fixed the issue within 24 hours of notification in May 2026, prevented session cookies from reaching sandbox previews, and moved previews to an isolated origin.

    Show sources