Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

nullcon Goa 2023 Live Bug Hunting

nullcon Goa 2023 will be having a live bug hunting competition to win money. Registration deadline is September 7, 2023. The conference will be held September 22nd through the 24th, 2023.

Packet Storm
Open in Source
#ios#mac#apple#microsoft#js#intel#ssh
Chinese APT Slid Fake Signal and Telegram Apps onto Official App Stores

By Habiba Rashid Key Findings Cybersecurity researchers have warned of fake Signal and Telegram apps that have been distributed through the… This is a post from HackRead.com Read the original post: Chinese APT Slid Fake Signal and Telegram Apps onto Official App Stores

Chinese-Speaking Cybercriminals Launch Large-Scale iMessage Smishing Campaign in U.S.

A new large-scale smishing campaign is targeting the U.S. by sending iMessages from compromised Apple iCloud accounts with an aim to conduct identity theft and financial fraud. “The Chinese-speaking threat actors behind this campaign are operating a package-tracking text scam sent via iMessage to collect personally identifying information (PII) and payment credentials from victims, in the

Chinese Smishing Triad Gang Hits US Users in Extensive Cybercrime Attack

By Deeba Ahmed Smishing Triad Impersonating Leading Mail/Delivery Services in New Attack This is a post from HackRead.com Read the original post: Chinese Smishing Triad Gang Hits US Users in Extensive Cybercrime Attack

2 Polish Men Arrested for Radio Hack That Disrupted Trains

Plus: A major FBI botnet takedown, new Sandworm malware, a cyberattack on two major scientific telescopes—and more.

CVE-2023-39582: Security issues - Chamilo LMS

SQL Injection vulnerability in Chamilo LMS v.1.11 thru v.1.11.20 allows a remote privileged attacker to obtain sensitive information via the import sessions functions.

Why is .US Being Used to Phish So Many of Us?

Domain names ending in “.US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen by the U.S. government, which is frequently the target of phishing domains ending in .US. Also, .US domains are only supposed to be available to U.S. citizens and to those who can demonstrate that they have a physical presence in the United States.

CVE-2023-40970: [Security Bugs] SQL Injection at loan_rules.php · Issue #205 · slims/slims9_bulian

Senayan Library Management Systems SLIMS 9 Bulian v 9.6.1 is vulnerable to SQL Injection via admin/modules/circulation/loan_rules.php.

Apple's Decision to Kill Its CSAM Photo-Scanning Tool Sparks Fresh Controversy

Child safety group Heat Initiative plans to launch a campaign pressing Apple on child sexual abuse material scanning and user reporting. The company issued a rare, detailed response on Thursday.

Hackers Exploit Adobe ColdFusion Vulnerabilities to Deploy Malware

By Habiba Rashid The cybersecurity researchers at FortiGuard Labs have identified several Adobe ColdFusion vulnerabilities impacting Windows and Mac devices. This is a post from HackRead.com Read the original post: Hackers Exploit Adobe ColdFusion Vulnerabilities to Deploy Malware