Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

WordPress Core 5.6.2 XPath Injection

WordPress Core version 5.6.2 appears to suffer from an xpath injection vulnerability via the log parameter.

Packet Storm
Open in Source
#sql#vulnerability#web#mac#windows#apple#wordpress#php#xpath#auth#chrome#webkit
Gigabud RAT Android Banking Malware Targets Institutions Across Countries

Account holders of over numerous financial institutions in Thailand, Indonesia, Vietnam, the Philippines, and Peru are being targeted by an Android banking malware called Gigabud RAT. "One of Gigabud RAT's unique features is that it doesn't execute any malicious actions until the user is authorized into the malicious application by a fraudster, [...] which makes it harder to detect," Group-IB

PCMag ranks Malwarebytes #1 cybersecurity vendor

Categories: Business PCMag readers named Malwarebytes the #1 most-recommended security software vendor in its list of Best Tech Brands for 2023.  (Read more...) The post PCMag ranks Malwarebytes #1 cybersecurity vendor appeared first on Malwarebytes Labs.

macOS Ventura Background Task Flaws Can Be Exploited for Malware

By Habiba Rashid Renowned Mac security researcher Patrick Wardle recently unveiled potential weaknesses within Apple’s macOS Ventura, shedding light on vulnerabilities… This is a post from HackRead.com Read the original post: macOS Ventura Background Task Flaws Can Be Exploited for Malware

A new type of "freedom," or, tracking children with AirTags, with Heather Kelly: Lock and Code S04E17

Categories: Podcast This week on Lock and Code, we speak with Heather Kelly about why how parents are using AirTags to give their kids freedom. (Read more...) The post A new type of "freedom," or, tracking children with AirTags, with Heather Kelly: Lock and Code S04E17 appeared first on Malwarebytes Labs.

An Apple Malware-Flagging Tool Is ‘Trivially’ Easy to Bypass

The macOS Background Task Manager tool is supposed to spot potentially malicious software on your machine. But a researcher says it has troubling flaws.

GitHub’s Hardcore Plan to Roll Out Two-Factor Authentication (2FA)

GitHub has spent two years researching and slowly rolling out its multifactor authentication system. Soon it will be mandatory for all 100 million users—with no opt-out.

CVE-2020-24075: Kalium Changelog - Laborator

Cross Site Scripting (XSS) vulnerability in Name Input Field in Contact Us form in Laborator Kalium before 3.0.4, allows remote attackers to execute arbitrary code.

CVE-2020-25915: There is a store Stored XSS vulnerability in user management · Issue #675 · thinkcmf/thinkcmf

Cross Site Scripting (XSS) vulnerability in UserController.php in ThinkCMF version 5.1.5, allows attackers to execute arbitrary code via crafted user_login.