Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

New ResumeLooters Gang Targets Job Seekers, Steals Millions of Resumes

By Deeba Ahmed So far, the gang has mostly targeted job seekers in the APAC (Asia Pacific) region. This is a post from HackRead.com Read the original post: New ResumeLooters Gang Targets Job Seekers, Steals Millions of Resumes

HackRead
Open in Source
#sql#xss#vulnerability#web#apple#intel#backdoor#samsung#auth
State of Malware 2024: What consumers need to know

The State of Malware 2024 report covers some topics that are of special interest to home users: privacy, passwords, malvertising, banking Trojans, and Mac malware.

2054, Part II: Next Big Thing

“If molecules really were the new microchips, the promise of remote gene editing was that the body could be manipulated to upgrade itself.” An exclusive excerpt from 2054: A Novel.

Patch management needs a revolution, part 5: How open source and transparency can force positive change

This is the fifth and final part of Vincent Danen’s “Patch management needs a revolution” series.Patch management needs a revolution, part 1: Surveying cybersecurity’s lineagePatch management needs a revolution, part 2: The flood of vulnerabilitiesPatch management needs a revolution, part 3: Vulnerability scores and the concept of trustPatch management needs a revolution, part 4: Sane patching is safe patching is selective patchingThere is an intersection between “compliance” and “security” but it’s wise to realize that compliance does not equal security. Compliance, when don

SISQUAL WFM 7.1.319.103 Host Header Injection

SISQUAL WFM version 7.1.319.103 suffers from a host header injection vulnerability.

Apple Security Advisory 02-02-2024-1

Apple Security Advisory 02-02-2024-1 - visionOS 1.0.2 addresses a code execution vulnerability.

GYM MS 1.0 Cross Site Scripting

Gym Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Original credit for this finding goes to Jyotsna Adhana in October of 2020 but uses a different vector of attack for this software version.

WhatsUp Gold 2022 22.1.0 Build 39 Cross Site Scripting

WhatsUp Gold 2022 version 22.1.0 Build 39 suffers from a persistent cross site scripting vulnerability.

Patchwork Using Romance Scam Lures to Infect Android Devices with VajraSpy Malware

The threat actor known as Patchwork likely used romance scam lures to trap victims in Pakistan and India, and infect their Android devices with a remote access trojan called VajraSpy. Slovak cybersecurity firm ESET said it uncovered 12 espionage apps, six of which were available for download from the official Google Play Store and were collectively downloaded more than 1,400 times between

Pegasus Spyware Targeted iPhones of Journalists and Activists in Jordan

The iPhones belonging to nearly three dozen journalists, activists, human rights lawyers, and civil society members in Jordan have been targeted with NSO Group's Pegasus spyware, according to joint findings from Access Now and the Citizen Lab. Nine of the 35 individuals have been publicly confirmed as targeted, out of whom six had their devices compromised with the mercenary