Security
Headlines
HeadlinesLatestCVEs

Tag

#ios

AI 'Nudify' Websites Are Raking in Millions of Dollars

Millions of people are accessing harmful AI “nudify” websites. New analysis says the sites are making millions and rely on tech from US companies.

Wired
Open in Source
#web#ios#apple#google#microsoft#amazon#cisco#git#aws
Your Simple Guide: How to Use Filmora’s Planar Tracker for Awesome Video Edits

Easily stick logos, text, or graphics onto moving surfaces with Filmora’s planar tracker. Just read this article to know how!

FBI Seizes Major Sites Sharing Unreleased and Pirated Video Games

FBI seizes top piracy sites leaking unreleased and pirated video games with millions of downloads and 170 million dollars in losses for developers and publishers.

No thanks: Google lets its Gemini AI access your apps, including messages

Google says it's Gemini AI will soon be able to access your messages, WhatsApp, and utilities on your phone. But we're struggling to see that as a good thing.

A message from Bruce the mechanical shark

This Fourth of July, Bruce, the 25-foot mechanical shark from Jaws, shares how his saltwater struggles mirror the need for real-world cybersecurity stress testing.

The Promise and Peril of Digital Security in the Age of Dictatorship

LGBTIQ+ organizations in El Salvador are using technology to protect themselves and create a record of the country’s ongoing authoritarian escalations against their community. It’s not without risks.

GHSA-hqp6-mjw3-f586: HashiCorp Vagrant has code injection vulnerability through default synced folders

An authenticated virtual machine escape vulnerability exists in HashiCorp Vagrant versions 2.4.6 and below when using the default synced folder configuration. By design, Vagrant automatically mounts the host system’s project directory into the guest VM under /vagrant (or C:\vagrant on Windows). This includes the Vagrantfile configuration file, which is a Ruby script evaluated by the host every time a vagrant command is executed in the project directory. If a low-privileged attacker obtains shell access to the guest VM, they can append arbitrary Ruby code to the mounted Vagrantfile. When a user on the host later runs any vagrant command, the injected code is executed on the host with that user’s privileges. While this shared-folder behavior is well-documented by Vagrant, the security implications of Vagrantfile execution from guest-writable storage are not explicitly addressed. This effectively enables guest-to-host code execution in multi-tenant or adversarial VM scenarios.

Bluetooth vulnerability in audio devices can be exploited to spy on users

Researchers have found a set of vulnerabilities in Bluetooth connected devices that could allow an attacker to spy on users.

What Are Some Ways To Diversify Your Crypto Portfolio In 2025?

Data from research suggests that the global cryptocurrency market will at least triple by 2030, increasing to an…

Rising star: Meet Dylan, MSRC’s youngest security researcher

At just 13 years old, Dylan became the youngest security researcher to collaborate with the Microsoft Security Response Center (MSRC). His journey into cybersecurity is inspiring—rooted in curiosity, resilience, and a deep desire to make a difference. Early beginnings: From scratch to security Dylan’s fascination with technology began early. Like many kids, he started with Scratch—a visual programming language for making simple games and animations.