Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

Textpattern 4.8.8 Remote Code Execution

Textpattern version 4.8.8 suffers from an authenticated remote code execution vulnerability.

Packet Storm
Open in Source
#vulnerability#web#windows#apple#google#linux#apache#java#php#rce#auth#chrome#webkit#ssl
3 tips to raise your backup game

Categories: Personal Because backups are the dental floss of cybersecurity—the thing that everyone knows they should do, that everyone intends to do, that nobody actually does. (Read more...) The post 3 tips to raise your backup game appeared first on Malwarebytes Labs.

3CX Supply Chain Attack — Here's What We Know So Far

Enterprise communications software maker 3CX on Thursday confirmed that multiple versions of its desktop app for Windows and macOS are affected by a supply chain attack. The version numbers include 18.12.407 and 18.12.416 for Windows and 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 for macOS. The company said it's engaging the services of Google-owned Mandiant to review the incident. In the

CVE-2023-28756: Ruby 3.2.0 Released

A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2.

CVE-2023-1741: report/README.md at main · private-null/report

A vulnerability was found in jeecg-boot 3.5.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file SysDictMapper.java of the component Sleep Command Handler. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-224629 was assigned to this vulnerability.

How to Solve IoT's Identity Problem

Network protocols can be used to identify operating systems and discern other device information.

Update now! Apple fixes actively exploited vulnerability and introduces new features

Categories: Apple Categories: Exploits and vulnerabilities Categories: News Tags: macOS Tags: iOS Tags: iPadOS Tags: watchOS Tags: tvOS Tags: Studio Display Tags: CVE-2023-23529 Tags: type confusion Tags: emoji Apple has released security updates and new features for several of its products, including a fix for an actively exploited vulnerability. (Read more...) The post Update now! Apple fixes actively exploited vulnerability and introduces new features appeared first on Malwarebytes Labs.

Smart home assistants at risk from "NUIT" ultrasound attack

Categories: News Tags: ultrasound Tags: NUIT Tags: speakers Tags: microphone Tags: device Tags: IoT Tags: assistant Tags: alexa Tags: siri Tags: google Tags: silent We take a look at research for an IoT attack called NUIT, capable of hijacking voice assistants via ultrasonic attack. (Read more...) The post Smart home assistants at risk from "NUIT" ultrasound attack appeared first on Malwarebytes Labs.