Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

Apple Releases iOS and macOS Updates to Patch Actively Exploited Zero-Day Flaw

Apple has released another round of security updates to address multiple vulnerabilities in iOS and macOS, including a new zero-day flaw that has been used in attacks in the wild. The issue, assigned the identifier CVE-2022-32917, is rooted in the Kernel component and could enable a malicious app to execute arbitrary code with kernel privileges. "Apple is aware of a report that this issue may

The Hacker News
#vulnerability#web#ios#mac#apple#intel#auth#zero_day#webkit#The Hacker News
Popular YouTuber Scuba Jake’s channel hacked to run crypto scam

By Waqas Scuba Jake, whose real name is Jake Koehler, had his YouTube channel "DALLMYD" with 13 million subscribers hacked to steal 1.01 BTC. This is a post from HackRead.com Read the original post: Popular YouTuber Scuba Jake’s channel hacked to run crypto scam

Infix LMS 4.3.0 IFRAME Injection

Infix LMS version 4.3.0 suffers from an iframe injection vulnerability.

iOS 16 Has Two New Security Features for Worst-Case Scenarios

Safety Check and Lockdown Mode give people in vulnerable situations ways to quarantine themselves from acute risks.

CVE-2022-34110: Sell Memory, Sell RAM, Sell Hard Drives

An issue in Micro-Star International MSI Feature Navigator v1.0.1808.0901 allows attackers to download arbitrary files regardless of file type or size.

Hackers Target Los Angeles School District With Ransomware

Plus: Albania cuts ties with Iran, claims of a TikTok data breach that didn’t happen, and much more.

CVE-2022-38638: Arbitrary file write/overwrite Vulnerability · Issue #1035 · casdoor/casdoor

Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource.

Attackers Exploit Zero-Day WordPress Plug-in Vulnerability in BackupBuddy

The critical flaw in BackupBuddy is one of thousands of security issues reported in recent years in products that WordPress sites use to extend functionality.

mbDrive Lite WiFi Flash Disk 1.4.0 Cross Site Scripting

mbDrive Lite WiFi Flash Disk version 1.4.0 suffers from a cross site scripting vulnerability.