Security
Headlines
HeadlinesLatestCVEs

Tag

#android

Ilevia EVE X1/X5 Server 4.7.18.0.eden Root Privilege Escalation

A misconfiguration in the sudoers file permits passwordless execution of specific Bash shell scripts via sudo, exposing a critical privilege escalation vulnerability. When such scripts are writable by a web-facing user (www-data) or accessible through a command injection vector, an attacker can overwrite or replace them with malicious payloads. Upon execution with sudo, these scripts run with elevated privileges, allowing the attacker to gain full root access remotely.

Zero Science Lab
Open in Source
#vulnerability#web#android#mac#windows#linux#debian#apache#php
Ilevia EVE X1/X5 Server 4.7.18.0.eden Insecure Hashing Algorithm

The application stores user passwords in the database using the MD5 hashing algorithm, which is considered cryptographically insecure due to its vulnerability to collision and brute-force attacks. MD5 lacks modern protections such as salting and computational hardness, making it trivial for attackers to crack password hashes using precomputed rainbow tables or GPU-accelerated dictionary attacks.

ThreatsDay Bulletin: AI Tools in Malware, Botnets, GDI Flaws, Election Attacks & More

Cybercrime has stopped being a problem of just the internet — it’s becoming a problem of the real world. Online scams now fund organized crime, hackers rent violence like a service, and even trusted apps or social platforms are turning into attack vectors. The result is a global system where every digital weakness can be turned into physical harm, economic loss, or political

Do robots dream of secure networking? Teaching cybersecurity to AI systems

This blog demonstrates a proof of concept using LangChain and OpenAI, integrated with Cisco Umbrella API, to provide AI agents with real-time threat intelligence for evaluating domain dispositions.

Severe React Native Flaw Exposes Developer Systems to Remote Attacks

JFrog researchers found a critical RCE vulnerability (CVE-2025-11953) in the popular React Native CLI. Developers using versions 4.8.0-20.0.0-alpha.2 must update to patch the flaw.

Securing the Open Android Ecosystem with Samsung Knox

Raise your hand if you’ve heard the myth, “Android isn’t secure.” Android phones, such as the Samsung Galaxy, unlock new ways of working. But, as an IT admin, you may worry about the security—after all, work data is critical. However, outdated concerns can hold your business back from unlocking its full potential. The truth is, with work happening everywhere, every device connected to your

Apple patches 50 security flaws—update now

Apple has patched nearly 50 security flaws across iPhones, Macs, Safari and more. Some could expose your data or let hackers in, so don’t wait to update.

“Sneaky” new Android malware takes over your phone, hiding in fake news and ID apps

Think you’re just checking the news? A particularly sneaky Android Trojan has other plans—like stealing your banking details.

Android Malware Mutes Alerts, Drains Crypto Wallets

Android/BankBot-YNRK is currently targeting users in Indonesia by masquerading as legitimate applications.

Attack of the clones: Fake ChatGPT apps are everywhere

App stores are overflowing with AI lookalikes—some harmless copies, others hiding adware or even spyware.