#apple

Computer Laboratory Management version 1.0 suffers from a remote authenticated SQL injection vulnerability.

Gaati Track version 1.0-2023 suffers from an ignored default credential vulnerability.

Farmacia Gama version 1.0 suffers from an insecure direct object reference vulnerability.

Employee Management System version 1.0 suffers from an ignored default credential vulnerability.

In 2023, no fewer than 94 percent of businesses were impacted by phishing attacks, a 40 percent increase compared to the previous year, according to research from Egress. What's behind the surge in phishing? One popular answer is AI – particularly generative AI, which has made it trivially easier for threat actors to craft content that they can use in phishing campaigns, like malicious emails

After a good year of sustained exuberance, the hangover is finally here. It’s a gentle one (for now), as the market corrects the share price of the major players (like Nvidia, Microsoft, and Google), while other players reassess the market and adjust priorities. Gartner calls it the trough of disillusionment, when interest wanes and implementations fail to deliver the promised breakthroughs.

On the hunt for corporate devices being sold secondhand, a researcher found a trove of Apple corporate data, a Mac Mini from the Foxconn assembly line, an iPhone 14 prototype, and more.

One hacker solved the CrowdStrike outage mystery with simple crash reports, illustrating the wealth of detail about potential bugs and vulnerabilities those key documents hold.

Attackers can use a seemingly innocuous IP address to exploit localhost APIs to conduct a range of malicious activity, including unauthorized access to user data and the delivery of malware.

libresolv's DNS packet handler suffered from heap out-of-bounds write to infinite-loop denial of service vulnerabilities. This is a proof of concept exploit from Google.