Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

CVE-2022-29687: SQL injection vulnerability exists in Cscms music portal system v4.2 (Discovered by 星海Lab) · Issue #30 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/level_del.

CVE
#sql#vulnerability#web#windows#apple#js#java#php#ssh#chrome#webkit
ChromeLoader targets Chrome Browser users with malicious ISO files

ChromeLoader is working its way into Chrome browsers via ISO images claiming to offer cracked games. What are the dangers? The post ChromeLoader targets Chrome Browser users with malicious ISO files appeared first on Malwarebytes Labs.

Cybergang Claims REvil is Back, Executes DDoS Attacks

Actors claiming to be the defunct ransomware group are targeting one of Akami’s customers with a Layer 7 attack, demanding an extortion payment in Bitcoin.

‘How Are They Weapons? That’s Only a Flashlight!’

During the protests in Hong Kong, young people carried laser pointers, umbrellas, and plastic ties—objects that sometimes led to their arrest, and years of legal limbo.

‘How Are They Weapons? That’s Only a Flashlight!’

During the protests in Hong Kong, young people carried laser pointers, umbrellas, and plastic ties—objects that sometimes led to their arrest, and years of legal limbo.

Lumos System Can Find Hidden Cameras and IoT Devices in Your Airbnb or Hotel Room

A group of academics has devised a system that can be used on a phone or a laptop to identify and locate Wi-Fi-connected hidden IoT devices in unfamiliar physical spaces. With hidden cameras being increasingly used to snoop on individuals in hotel rooms and Airbnbs, the goal is to be able to pinpoint such rogue devices without much of a hassle. The system, dubbed Lumos, is designed with this

CVE-2022-29651: Online Food Ordering System Unrestricted File Upload + Remote Code Execution - HackMD

An arbitrary file upload vulnerability in the Select Image function of Online Food Ordering System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.

CVE-2022-29650: Online Food Ordering System Unauthenticated Sql Injection - HackMD

Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the Search parameter at /online-food-order/food-search.php.

‘Tough to Forge’ Digital Driver’s Licenses Are—Yep—Easy to Forge

Researchers found a litany of security flaws that allow simple, quick, and cheap forgeries in Australia.

Proton Is Trying to Become Google—Without Your Data

The encrypted-email company, popular with security-conscious users, has a plan to go mainstream.