Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

‘Poseidon’ Mac stealer distributed via Google ads

A competitor of the infamous Atomic Stealer targeting Mac users, has just launched a new campaign to lure in more victims.

Malwarebytes
#xss#web#mac#windows#apple#google#auth
How to Use Python to Build Secure Blockchain Applications

Did you know it’s now possible to build blockchain applications, known also as decentralized applications (or “dApps” for short) in native Python? Blockchain development has traditionally required learning specialized languages, creating a barrier for many developers… until now. AlgoKit, an all-in-one development toolkit for Algorand, enables developers to build blockchain applications in pure

Prompt Injection Flaw in Vanna AI Exposes Databases to RCE Attacks

Cybersecurity researchers have disclosed a high-severity security flaw in the Vanna.AI library that could be exploited to achieve remote code execution vulnerability via prompt injection techniques. The vulnerability, tracked as CVE-2024-5565 (CVSS score: 8.1), relates to a case of prompt injection in the "ask" function that could be exploited to trick the library into executing arbitrary

Is Defense Winning? A Look at Decades of Playing Catch-up

In this Black Hat USA preview, scholar Jason Healey examines strategies for measuring and shifting the balance of cyber defense.

Apple AirPods Bug Allows Eavesdropping

The vulnerability affects not only AirPods, but also AirPods Max, Powerbeats Pro, Beats Fit Pro, and all models of AirPods Pro.

Polyfill.io Supply Chain Attack Smacks Down 100K+ Websites

The site is supplying malicious code that delivers dynamically generated payloads and can lead to other attacks, after a Chinese organization bought it earlier this year.

Debian Security Advisory 5719-1

Debian Linux Security Advisory 5719-1 - It was discovered that Emacs is prone to arbitrary shell code evaluation when opening a specially crafted Org file.

Ubuntu Security Notice USN-6819-4

Ubuntu Security Notice 6819-4 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service. Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service.