Security
Headlines
HeadlinesLatestCVEs

Tag

#android

Ilevia EVE X1 Server 4.7.18.0.eden Credentials Leak Through Log Disclosure

The EVE X1 server suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the 'passwd' HTTP POST parameter in /ajax/php/login.php script.

Zero Science Lab
Open in Source
#vulnerability#web#android#mac#windows#linux#debian#apache#php#auth
AI-powered stuffed animals: A good alternative for screen time?

Startups are ready to bring AI powered toys to the market as an alternative for screen time. But is that really progress?

How to spot the latest fake Gmail security alerts

Fake Gmail security alerts are tricking users into inadvertently handing over control of their accounts to scammers. Here's what to look for.

Threat Actor Claims to Sell 15.8 Million Plain-Text PayPal Credentials

A seller named Chucky_BF is offering 15.8M PayPal logins with emails, passwords, and URLs. The data may come…

ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure

Cybersecurity researchers have detailed the inner workings of an Android banking trojan called ERMAC 3.0, uncovering serious shortcomings in the operators' infrastructure. "The newly uncovered version 3.0 reveals a significant evolution of the malware, expanding its form injection and data theft capabilities to target more than 700 banking, shopping, and cryptocurrency applications," Hunt.io

Mobile Phishers Target Brokerage Accounts in ‘Ramp and Dump’ Cashout Scheme

Cybercriminal groups peddling sophisticated phishing kits that convert stolen card data into mobile wallets have recently shifted their focus to targeting customers of brokerage services, new research shows. Undeterred by security controls at these trading platforms that block users from wiring funds directly out of accounts, the phishers have pivoted to using multiple compromised brokerage accounts in unison to manipulate the prices of foreign stocks.

Romance scammers in Ghana charged with more than $100 million in theft

Four men from Ghana were extradited for their alleged role in stealing more than $100 million through romance scams and BEC.

New Android Malware Wave Hits Banking via NFC Relay Fraud, Call Hijacking, and Root Exploits

Cybersecurity researchers have disclosed a new Android trojan called PhantomCard that abuses near-field communication (NFC) to conduct relay attacks for facilitating fraudulent transactions in attacks targeting banking customers in Brazil. "PhantomCard relays NFC data from a victim's banking card to the fraudster's device," ThreatFabric said in a report. "PhantomCard is based on

Flaw in Older Version of Android Rooting Tool KernelSU Allows Full Device Takeover

Zimperium’s zLabs team uncovers a critical security flaw in the popular Android rooting tool, KernelSU v0.5.7. Learn how…

Patch Tuesday: Microsoft Fixes 107 Vulnerabilities, Including 13 RCE Flaws

Microsoft’s August Patch Tuesday fixes 107 vulnerabilities, including 13 critical RCE flaws, impacting Windows, Office, Azure, and more,…