#apple

A set of memory corruption flaws have been discovered in the ncurses (short for new curses) programming library that could be exploited by threat actors to run malicious code on vulnerable Linux and macOS systems. "Using environment variable poisoning, attackers could chain these vulnerabilities to elevate privileges and run code in the targeted program's context or perform other malicious

Night Club Booking Software version 1.0 suffers from a cross site scripting vulnerability.

ImgHosting version 1.3 suffers from a cross site scripting vulnerability.

The iPhone belonging to Galina Timchenko, a prominent Russian journalist and critic of the government, was compromised with NSO Group's Pegasus spyware, a new collaborative investigation from Access Now and the Citizen Lab has revealed. The infiltration is said to have happened on or around February 10, 2023. Timchenko is the executive editor and owner of Meduza, an independent news publication

Categories: Personal Tags: apple Tags: wanderlust Tags: cryptocurrency Tags: event Tags: BTC Tags: ETH Tags: fake We take a look at a cryptocurrency scam riding on the coat tails of the Apple Wonderlust event. (Read more...) The post iPhone 15 launch: Wonderlust scammers rear their heads appeared first on Malwarebytes Labs.

Categories: Apple Categories: News Tags: Wonderlust Tags: iPhone Tags: iCloud Tags: backup Tags: 2FA Tags: Apple D Tags: trusted device Has the launch of the iPhone 15 triggered a yearning to upgrade to a new model? Here are some tips to consider during transfer. (Read more...) The post Upgrading your iPhone? Read this first appeared first on Malwarebytes Labs.

Acrobat Reader versions 23.003.20284 (and earlier), 20.005.30516 (and earlier) and 20.005.30514 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Microsoft has released software fixes to remediate 59 bugs spanning its product portfolio, including two zero-day flaws that have been actively exploited by malicious cyber actors. Of the 59 vulnerabilities, five are rated Critical, 55 are rated Important, and one is rated Moderate in severity. The update is in addition to 35 flaws patched in the Chromium-based Edge browser since last month's

Categories: Business Categories: Exploits and vulnerabilities Categories: News Tags: Microsoft Tags: Adobe Tags: Android Tags: Apple Tags: Chrome Tags: SAP Tags: Exchange Tags: Visual Studio Tags: CVE-2023-36761 Tags: CVE-2023-36802 Tags: CVE-2023-29332 Tags: Azure Microsoft's September 2023 Patch Tuesday is another important one. It patches two vulnerabilities which are known to be actively exploited. (Read more...) The post Patch now! September Microsoft Patch Tuesday includes two actively exploited zero-days appeared first on Malwarebytes Labs.

Mozilla on Tuesday released security updates to resolve a critical zero-day vulnerability in Firefox and Thunderbird that has been actively exploited in the wild, a day after Google released a fix for the issue in its Chrome browser. The shortcoming, assigned the identifier CVE-2023-4863, is a heap buffer overflow flaw in the WebP image format that could result in arbitrary code execution when